Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 socket

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Rémi Denis-Courmont <rdenis@...>

To: YOSHIFUJI Hideaki / <yoshfuji@...>

Cc: <davem@...>, <ellre923@...>, <wangchen@...>, <netdev@...>

Subject: Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 socket

Date: Thursday, April 24, 2008 - 11:26 am

Le Thursday 24 April 2008 15:19:53 YOSHIFUJI Hideaki / 吉藤英明, vous avez écrit :
quoted text> RFC3542 discusses about IPPROTO_IPV6 level IPV6_CHECKSUM socket option
> only. IPPROTO_RAW level IPV6_CHECKSUM socket option is undocumented Linux
> extension.  So, we are free to choose allowing setting that option on
> ICMPv6 socket as we have been doing.

I wonder why RFC3542 forbids the contentious case. Is it a security 
consideration, that userland should not be allowed to create bogus ICMPv6 
packets (IPV6_CHECKSUM can be set after dropping root after opening a raw 
socket, right?), or is it just some random IETF folklore ??

I'd note that my ndisc6 package does call setsockopt(SOL_IPV6, 
ICMPV6_CHECKSUM). Fortunately, it does not check for error values, so I don't 
really care if this is changed.

-- 
Rémi Denis-Courmont
http://www.remlab.net/
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., David Miller, (Thu Apr 24, 6:48 am)

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., YOSHIFUJI Hideaki / , (Thu Apr 24, 8:19 am)

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., David Miller, (Fri Apr 25, 12:31 am)

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., Rémi Denis-Courmont, (Thu Apr 24, 11:26 am)

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., Wang Chen, (Thu Apr 24, 9:03 pm)

Re: [PATCH] RAW6: Do not allow set IPV6_CHECKSUM for ICMPv6 ..., David Miller, (Fri Apr 25, 12:46 am)

Navigation

Mail archive search

Popular discussions


linux-kernel:
Vu Pham	Re: [Scst-devel] Integration of SCST in the mainstream Linux kernel
Quentin Godfroy	possible (ext4 related?) memory leak in kernel 2.6.26
Kentaro Takeda	[TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions.
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
git:
Nguyễn Thái Ngọc	[PATCH] git-grep: add --color to highlight matches
Michael Donaghy	Git Screencast ?
Sam Song	Re: Fwd: [OT] Re: Git via a proxy server?
Seth Falcon	git-svn, remote tracking branch question
linux-netdev:
Volker Armin Hemmann	build error with 2.6.27.6+reiser4+ehci-hub patch. ERROR: "mii_ethtool_gset" [drive...
David Madore	atl1e Ethernet driver not seeing packets sent to 33:33:00:00:00:01 multicast
David Miller	Re: [GIT PULL] [IPV6] COMPAT: Fix SSM applications on 64bit kernels.
Roel Kluin	[PATCH 1] net: fix and typo's
openbsd-misc:
GVG GVG	ssh_exchange_identification: Connection closed by remote host
Richard Stallman	Real men don't attack straw men
askthelist	Packets Per Second Limit?
Sean Darby	Instant Messenger (CLI-based multi-protocol)

Latest forum posts


Netfilter kernel module	7 hours ago	Linux kernel
serial driver xmit problem	10 hours ago	Linux kernel
Why Windows is better than Linux	10 hours ago	Linux general
How can I see my kernel messages in vt12?	17 hours ago	Linux kernel
Grub	1 day ago	Linux general
vmalloc_fault handling in x86_64	1 day ago	Linux kernel
epoll_wait()ing on epoll FD	1 day ago	Linux kernel
Framebuffer in x86_64 causes problems to multiseat	1 day ago	Linux kernel
Difference between 2.4 and 2.6 regarding thread creation	1 day ago	Linux general
Compiling gfs2 on kernel 2.6.27	2 days ago	Linux kernel

Show all forums...

Recent Tags

more tags

Colocation donated by:

Online users

Syndicate