From owner-svn-src-all@freebsd.org Mon Aug 27 18:13:21 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D02BA10928A5; Mon, 27 Aug 2018 18:13:21 +0000 (UTC) (envelope-from gallatin@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7C0FC7D326; Mon, 27 Aug 2018 18:13:21 +0000 (UTC) (envelope-from gallatin@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5D5342137D; Mon, 27 Aug 2018 18:13:21 +0000 (UTC) (envelope-from gallatin@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7RIDLPG046505; Mon, 27 Aug 2018 18:13:21 GMT (envelope-from gallatin@FreeBSD.org) Received: (from gallatin@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7RIDLIt046504; Mon, 27 Aug 2018 18:13:21 GMT (envelope-from gallatin@FreeBSD.org) Message-Id: <201808271813.w7RIDLIt046504@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gallatin set sender to gallatin@FreeBSD.org using -f From: Andrew Gallatin Date: Mon, 27 Aug 2018 18:13:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r338341 - head/sys/netinet6 X-SVN-Group: head X-SVN-Commit-Author: gallatin X-SVN-Commit-Paths: head/sys/netinet6 X-SVN-Commit-Revision: 338341 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Aug 2018 18:13:22 -0000 Author: gallatin Date: Mon Aug 27 18:13:20 2018 New Revision: 338341 URL: https://svnweb.freebsd.org/changeset/base/338341 Log: Reject IPv4 SO_REUSEPORT_LB groups when looking up an IPv6 listening socket Similar to how the IPv4 code will reject an IPv6 LB group, we must ignore IPv4 LB groups when looking up an IPv6 listening socket. If this is not done, a port only match may return an IPv4 socket, which causes problems (like sending IPv6 packets with a hopcount of 0, making them unrouteable). Thanks to rrs for all the work to diagnose this. Approved by: re (rgrimes) Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D16899 Modified: head/sys/netinet6/in6_pcb.c Modified: head/sys/netinet6/in6_pcb.c ============================================================================== --- head/sys/netinet6/in6_pcb.c Mon Aug 27 15:20:42 2018 (r338340) +++ head/sys/netinet6/in6_pcb.c Mon Aug 27 18:13:20 2018 (r338341) @@ -901,6 +901,10 @@ in6_pcblookup_lbgroup(const struct inpcbinfo *pcbinfo, * - Load balanced does not contain IPv4 mapped INET6 wild sockets. */ LIST_FOREACH(grp, hdr, il_list) { +#ifdef INET + if (!(grp->il_vflag & INP_IPV6)) + continue; +#endif if (grp->il_lport == lport) { idx = 0; int pkt_hash = INP_PCBLBGROUP_PKTHASH(