On Sat, Jul 05, 2014 at 10:39:09AM -0600, Jason Gunthorpe wrote:
> On Sat, Jul 05, 2014 at 09:03:49AM -0400, Neil Horman wrote:
>
> > > 1) Requesting COOKIE_ACK to be auth'd but not COOKIE_ECHO (or vice
> > > versa) caused an immediate panic in a IRQ context, 'go reboot your
> > > machine' with sctp traceback. I would need to setup in a VM to
> > > capture the oops text..
> >
> > Do you have the panic backtrace?
>
> No, the machine crashed in a way that produced no permanent log. I
> will have to reproduce it in a VM.
>
Ok, please do, otherwise you don't have enough information for us to help you
here.
> > > 2) SCTP_I_WANT_MAPPED_V4_ADDR returns a 0 AF_INET6 for all IPv4
> > > addresses, looking at the code I think the functionality is just
> > > not implemented?
> > No, its implemented, not sure why you would get a 0 address here.
>
> Sorry, I see I was unclear, SCTP_I_WANT_MAPPED_V4_ADDR=1 (the
> default works fine), it is SCTP_I_WANT_MAPPED_V4_ADDR=0 that doesn't
> seem implemented.
>
> Look at functions like this:
>
> /* Initialize sk->sk_rcv_saddr from sctp_addr. */
> static void sctp_v6_to_sk_saddr(union sctp_addr *addr, struct sock *sk)
> {
> if (addr->sa.sa_family == AF_INET && sctp_sk(sk)->v4mapped) {
> inet6_sk(sk)->rcv_saddr.s6_addr32[0] = 0;
> inet6_sk(sk)->rcv_saddr.s6_addr32[1] = 0;
> inet6_sk(sk)->rcv_saddr.s6_addr32[2] =
> htonl(0x0000ffff);
> inet6_sk(sk)->rcv_saddr.s6_addr32[3] =
> addr->v4.sin_addr.s_addr;
> } else {
> inet6_sk(sk)->rcv_saddr = addr->v6.sin6_addr;
> }
> }
>
> There is no if block to handle 'addr->sa.sa_family == AF_INET &&
> !sctp_sk(sk)->v4mapped'
>
Yes, there is, its the else clause there. This is the ipv6 to_sk_saddr
function. If you don't want a v4mapped address, you should assign a real ipv6
address to the socket. What seems wierd is that there isn't an extra check to
ensure that the family is AF_INET6 in the else clause, but I think its done
higher up the call stack. Although if its not, that could be a problem
> Instead it falls through to copying memory beyond the end of the
> socket address. This has always resulted in a zero AF_INET6 address in
> my handful of tests.
>
Hmm, looking at the code, I'm not sure how we reach that point. You need to set
you sa_family code to AF_INET6 to get the v6 mapping function to be called, but
it only does the v4mapping above if the sa_family is AF_INET. Looks like that
might need fixing. I'll look at that on monday.
Neil
--
To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
