From owner-freebsd-bugs@FreeBSD.ORG Sat Oct 25 00:10:10 2003
Return-Path:
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0124316A4B3 for ; Sat, 25 Oct 2003 00:10:10 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5DC2543FB1 for ; Sat, 25 Oct 2003 00:10:09 -0700 (PDT) (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h9P7A9FY022440 for ; Sat, 25 Oct 2003 00:10:09 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h9P7A910022439; Sat, 25 Oct 2003 00:10:09 -0700 (PDT) (envelope-from gnats)
Date: Sat, 25 Oct 2003 00:10:09 -0700 (PDT)
Message-Id: <200310250710.h9P7A910022439@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: "William A.Carrel"
Subject: Re: kern/58359: Strict Multicast Membership (patch w/ sysctl knob)
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: "William A.Carrel"
List-Id: Bug reports
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Sat, 25 Oct 2003 07:10:10 -0000

The following reply was made to PR kern/58359; it has been noted by GNATS.
From: William A.Carrel
To: freebsd-gnats-submit@FreeBSD.org, William A.Carrel
Cc: freebsd-net@freebsd.org
Subject: Re: kern/58359: Strict Multicast Membership (patch w/ sysctl knob)
Date: Sat, 25 Oct 2003 00:00:47 -0700

I've been told third-hand that there has been some amount of hand-wringing regarding this PR. My impression is that the worries mainly surround the fact that certain programs may depend on the fairly sparsely documented (http://www.kohala.com/start/mcast.api.txt) behavior currently shown. Change in behavior of decades-old code can certainly be a concern, yet I would also like to see the option of the new behavior (which I'm told matches Solaris), therefore...

Here is a new patch which provides a sysctl to turn this "extra" filtering on and off: net.inet.udp.strict_mcast_mship. It defaults to off so as to reduce any risk of POLA violation to zero. This also can help push any bikeshed discussions about the default into the future. ;-)

If it would help, I can also work on providing a patch for the ip(4) manpage to reflect this option and/or note the current stack behavior more explicitly.

Please feel free to let me know what you think, or feel free to let word of what you think drift through a few layers of indirection before it gets to me. I'll do what I can to mitigate concerns either way. :-)

Thanks for reading.

--- freebsd_current_udp_usrreq.c.orig Fri Oct 24 12:35:36 2003 +++ freebsd_current_udp_usrreq.c Fri Oct 24 23:19:11 2003 @@ -108,6 +108,10 @@ SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW, &blackhole, 0, "Do not send port unreachables for refused connects"); +static int strict_mcast_mship = 0; +SYSCTL_INT(_net_inet_udp, OID_AUTO, strict_mcast_mship, CTLFLAG_RW, + &strict_mcast_mship, 0, "Only send multicast to member sockets"); + struct inpcbhead udb; /* from udp_var.h */ #define udb6 udb /* for KAME src sync over BSD*'s */ struct inpcbinfo udbinfo;
@@ -306,6 +310,28 @@ ip->ip_src.s_addr || inp->inp_fport != uh->uh_sport) goto docontinue; + } + /* + * Check multicast packets to make sure they are only + * sent to sockets with multicast memberships for the + * packet's destination address and arrival interface + */ + if (strict_mcast_mship && + IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) && + inp->inp_moptions != NULL) { + int mshipno; + + for (mshipno = 0; + mshipno <= inp->inp_moptions->imo_num_memberships; + ++mshipno) { + if (ip->ip_dst.s_addr == inp->inp_moptions->imo_membership[mshipno]->inm_addr.s_addr && m->m_pkthdr.rcvif == inp->inp_mo +ptions->imo_membership[mshipno]->inm_ifp) + break; + } + if (mshipno == + inp->inp_moptions->imo_num_memberships) + goto docontinue; + } if (last != NULL) { --- freebsd_stable_udp_usrreq.c.orig Fri Oct 24 12:35:46 2003 +++ freebsd_stable_udp_usrreq.c Fri Oct 24 23:22:01 2003 @@ -102,6 +102,10 @@ SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW, &blackhole, 0, "Do not send port unreachables for refused connects"); +static int strict_mcast_mship = 0; +SYSCTL_INT(_net_inet_udp, OID_AUTO, strict_mcast_mship, CTLFLAG_RW, + &strict_mcast_mship, 0, "Only send multicast to member sockets"); + struct inpcbhead udb; /* from udp_var.h */ #define udb6 udb /* for KAME src sync over BSD*'s */ struct inpcbinfo udbinfo; 
@@ -290,6 +294,27 @@ if (inp->inp_faddr.s_addr != ip->ip_src.s_addr || inp->inp_fport != uh->uh_sport) + continue; + } + /* + * Check multicast packets to make sure they are only + * sent to sockets with multicast memberships for the + * packet's destination address and arrival interface + */ + if (strict_mcast_mship && + IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) && + inp->inp_moptions != NULL) { + int mshipno; + + for (mshipno = 0; + mshipno <= + inp->inp_moptions->imo_num_memberships; + ++mshipno) { + if (ip->ip_dst.s_addr == inp->inp_moptions->imo_membership[mshipno]->inm_addr.s_addr && m->m_pkthdr.rcvif == inp->inp_moptions->imo_membership[mshipno]->inm_ifp) + break; + } + if (mshipno == + inp->inp_moptions->imo_num_memberships) continue; }
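Review bot: the membership loop in both udp_usrreq.c filtering hunks (the @@ -306 hunk for -current and the @@ -290 hunk for -stable) is off by one: `mshipno <= inp->inp_moptions->imo_num_memberships` reads imo_membership[imo_num_memberships], one slot past the last valid membership, and dereferences it for inm_addr and inm_ifp; that slot is not a live in_multi and may well be NULL, so the bound should be `<`. The exit test is also defeated by the current bound: when nothing matches, the loop leaves mshipno equal to imo_num_memberships + 1, so `if (mshipno == inp->inp_moptions->imo_num_memberships) goto docontinue;` (or `continue;` in the -stable hunk) never fires and the datagram is delivered to the non-member anyway, which means strict mode silently does nothing except risk a fault on the stale slot. Changing `<=` to `<` fixes both the out-of-range read and the never-true exit test.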
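Review bot: the guard `inp->inp_moptions != NULL` in both filtering hunks lets a socket that has never set any multicast option through the strict check unconditionally, which is the opposite of what the sysctl description string "Only send multicast to member sockets" promises. If the intent is membership-based delivery as the message describes, a NULL inp_moptions should count as zero memberships and the socket should be skipped; if the intent is to constrain only sockets that have opted into multicast, the description string and the offered ip(4) text should say so explicitly.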
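Review bot: the long `if (ip->ip_dst.s_addr == ... inp->inp_mo` line in the -current hunk was wrapped by the mailer (it continues as `+ptions->imo_membership[mshipno]->inm_ifp)`), so the patch as posted will not apply cleanly; please attach it as a file or break the condition across lines in the source, which style(9) would want anyway for a line that long.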
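As an added illustration, not code from the PR or from FreeBSD: a user-space C model of the per-socket membership check that net.inet.udp.strict_mcast_mship enables, written with the loop bound as `<` so only the imo_num_memberships valid slots are read, and with a socket that carries no multicast state treated as a non-member (a stricter reading than the posted patch takes). The structures, field names and MAX_MEMBERSHIPS (struct ifnet, in_multi, ip_moptions, udp_sock) are stand-ins chosen to mirror the names in the diff; they are not the kernel's definitions, and the scenario data is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the kernel structures the diff touches (assumed shapes,
 * not the FreeBSD definitions). */
#define MAX_MEMBERSHIPS 20                 /* assumed slot count per socket */

struct ifnet { const char *name; };        /* an interface */

struct in_multi {                          /* one joined group on one interface */
    uint32_t      inm_addr;                /* group address, host byte order here */
    struct ifnet *inm_ifp;                 /* interface the group was joined on */
};

struct ip_moptions {
    int              imo_num_memberships;  /* number of valid slots below */
    struct in_multi *imo_membership[MAX_MEMBERSHIPS]; /* unused slots are NULL */
};

struct udp_sock {                          /* the part of an inpcb we care about */
    struct ip_moptions *inp_moptions;      /* NULL if no multicast option was ever set */
};

/* Class D test, the host-order equivalent of IN_MULTICAST(). */
static int is_multicast(uint32_t dst)
{
    return (dst & 0xf0000000u) == 0xe0000000u;
}

/*
 * Decide whether a UDP datagram to dst that arrived on rcvif may be
 * delivered to sock.  Returns 1 to deliver, 0 to skip the socket.
 * strict == 0 preserves today's behaviour: every matching socket gets it.
 * strict != 0 delivers only if the socket joined exactly this group on
 * exactly this interface.  The bound is '<', so the slot at
 * imo_num_memberships (stale or NULL) is never read.
 */
int udp_mcast_deliver(int strict, uint32_t dst, const struct ifnet *rcvif,
                      const struct udp_sock *sock)
{
    if (!strict || !is_multicast(dst))
        return 1;
    /* No multicast state at all means no memberships: skip. */
    if (sock->inp_moptions == NULL)
        return 0;
    const struct ip_moptions *imo = sock->inp_moptions;
    for (int i = 0; i < imo->imo_num_memberships; ++i) {
        const struct in_multi *inm = imo->imo_membership[i];
        if (inm->inm_addr == dst && inm->inm_ifp == rcvif)
            return 1;                      /* member on the arrival interface */
    }
    return 0;                              /* searched every valid slot, no match */
}

/* Constructed scenario: two interfaces; member_sock joined 239.1.1.1 on em0
 * only; plain_sock never touched multicast options. */
static struct ifnet em0 = { "em0" }, em1 = { "em1" };
static struct in_multi join_em0 = { 0xef010101u /* 239.1.1.1 */, &em0 };
static struct ip_moptions opts = { 1, { &join_em0 } };   /* other slots NULL */
static struct udp_sock member_sock = { &opts };
static struct udp_sock plain_sock  = { NULL };

#define GROUP_A 0xef010101u   /* 239.1.1.1 */
#define GROUP_B 0xef010102u   /* 239.1.1.2 */
#define UNICAST 0x0a000001u   /* 10.0.0.1  */

int main(void)
{
    printf("strict=0, A via em1, member_sock: %d\n", udp_mcast_deliver(0, GROUP_A, &em1, &member_sock));
    printf("strict=1, A via em0, member_sock: %d\n", udp_mcast_deliver(1, GROUP_A, &em0, &member_sock));
    printf("strict=1, A via em1, member_sock: %d\n", udp_mcast_deliver(1, GROUP_A, &em1, &member_sock));
    printf("strict=1, B via em0, member_sock: %d\n", udp_mcast_deliver(1, GROUP_B, &em0, &member_sock));
    printf("strict=1, A via em0, plain_sock:  %d\n", udp_mcast_deliver(1, GROUP_A, &em0, &plain_sock));
    printf("strict=1, unicast,   plain_sock:  %d\n", udp_mcast_deliver(1, UNICAST, &em0, &plain_sock));
    return 0;
}
```

The interface comparison is what makes this "strict": a socket joined to the group on em0 does not see copies of the same group arriving on em1, which is the filtering the PR describes. Unicast traffic and the strict=0 case never enter the membership loop, so turning the knob on cannot change non-multicast delivery.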