Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-12 Thread Guillaume Nault
On Mon, Mar 12, 2018 at 09:53:18AM +0100, Paolo Abeni wrote: > On Fri, 2018-03-09 at 19:26 +0100, Guillaume Nault wrote: > > On Fri, Mar 09, 2018 at 06:58:00PM +0100, Paolo Abeni wrote: > > > The single threaded reproducer does not trigger anymore after 1/2, > > > _but_ if ask syzbot to test 1/2

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-12 Thread Paolo Abeni
On Fri, 2018-03-09 at 19:26 +0100, Guillaume Nault wrote: > On Fri, Mar 09, 2018 at 06:58:00PM +0100, Paolo Abeni wrote: > > The single threaded reproducer does not trigger anymore after 1/2, > > _but_ if ask syzbot to test 1/2 that will trigger another splat, > > because syzbot will do also multi

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Guillaume Nault
On Fri, Mar 09, 2018 at 06:58:00PM +0100, Paolo Abeni wrote: > On Fri, 2018-03-09 at 18:47 +0100, Guillaume Nault wrote: > > On Fri, Mar 09, 2018 at 06:04:03PM +0100, Paolo Abeni wrote: > > > Hi, > > > > > > On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wrote: > > > > > diff --git

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Paolo Abeni
On Fri, 2018-03-09 at 18:47 +0100, Guillaume Nault wrote: > On Fri, Mar 09, 2018 at 06:04:03PM +0100, Paolo Abeni wrote: > > Hi, > > > > On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wrote: > > > > diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c > > > > index

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Guillaume Nault
On Fri, Mar 09, 2018 at 06:04:03PM +0100, Paolo Abeni wrote: > Hi, > > On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wrote: > > > diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c > > > index 83421c6f0bef..9726e3f37745 100644 > > > --- a/net/l2tp/l2tp_core.c > > > +++

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Paolo Abeni
Hi, On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wrote: > > diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c > > index 83421c6f0bef..9726e3f37745 100644 > > --- a/net/l2tp/l2tp_core.c > > +++ b/net/l2tp/l2tp_core.c > > @@ -1112,11 +1125,32 @@ int l2tp_xmit_skb(struct l2tp_session

Re: [PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Guillaume Nault
> diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c > index 83421c6f0bef..9726e3f37745 100644 > --- a/net/l2tp/l2tp_core.c > +++ b/net/l2tp/l2tp_core.c > @@ -1112,11 +1125,32 @@ int l2tp_xmit_skb(struct l2tp_session *session, > struct sk_buff *skb, int hdr_len > goto

[PATCH net v2 2/2] l2tp: fix races with ipv4-mapped ipv6 addresses

2018-03-09 Thread Paolo Abeni
When creating a new socket, l2tp_tunnel_create() ensures that such socket is connected, but when using a socket provided by the user space, no check is done on the socket state. This may foul the later check for ipv6 sockets that are ipv4-mapped, e.g. in case of unconnected ipv6 socket bound to