Merge branch 'sctp-fixes'

Xin Long says: ==================== sctp: fix the issue that may copy duplicate addrs into assoc's bind address list Patch 1/2 is to fix some indent level. Given that we have kernels out there with this issue, patch 2/2 also fix sctp_raw_to_bind_addrs. v1 -> v2: Explain why we didn't filter the duplicate addresses when global address list gets updated in patch 2/2 changelog. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>

Merge branch 'sctp-fixes'
Xin Long says: ==================== sctp: fix the issue that may copy duplicate addrs into assoc's bind address list Patch 1/2 is to fix some indent level. Given that we have kernels out there with this issue, patch 2/2 also fix sctp_raw_to_bind_addrs. v1 -> v2: Explain why we didn't filter the duplicate addresses when global address list gets updated in patch 2/2 changelog. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
b794e252 · David S. Miller · 92f95322 · b8607805 · b794e252 · b794e252
Commit b794e252 authored Dec 20, 2016 by David S. Miller
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 18 deletions

net/sctp/bind_addr.c net/sctp/bind_addr.c +3 -0

net/sctp/protocol.c net/sctp/protocol.c +22 -18

No files found.
--- a/net/sctp/bind_addr.c
+++ b/net/sctp/bind_addr.c
@@ -292,6 +292,8 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list,
 		}

 		af->from_addr_param(&addr, rawaddr, htons(port), 0);
+		if (sctp_bind_addr_state(bp, &addr) != -1)
+			goto next;
 		retval = sctp_add_bind_addr(bp, &addr, sizeof(addr),
 					    SCTP_ADDR_SRC, gfp);
 		if (retval) {
@@ -300,6 +302,7 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list,
 			break;
 		}

+next:
 		len = ntohs(param->length);
 		addrs_len -= len;
 		raw_addr_list += len;

--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -205,26 +205,30 @@ int sctp_copy_local_addr_list(struct net *net, struct sctp_bind_addr *bp,
 	list_for_each_entry_rcu(addr, &net->sctp.local_addr_list, list) {
 		if (!addr->valid)
 			continue;
-		if (sctp_in_scope(net, &addr->a, scope)) {
-			/* Now that the address is in scope, check to see if
-			 * the address type is really supported by the local
-			 * sock as well as the remote peer.
-			 */
-			if ((((AF_INET == addr->a.sa.sa_family) &&
-			      (copy_flags & SCTP_ADDR4_PEERSUPP))) ||
-			    (((AF_INET6 == addr->a.sa.sa_family) &&
-			      (copy_flags & SCTP_ADDR6_ALLOWED) &&
-			      (copy_flags & SCTP_ADDR6_PEERSUPP)))) {
-				error = sctp_add_bind_addr(bp, &addr->a,
-						    sizeof(addr->a),
-						    SCTP_ADDR_SRC, GFP_ATOMIC);
-				if (error)
-					goto end_copy;
-			}
-		}
+		if (!sctp_in_scope(net, &addr->a, scope))
+			continue;
+
+		/* Now that the address is in scope, check to see if
+		 * the address type is really supported by the local
+		 * sock as well as the remote peer.
+		 */
+		if (addr->a.sa.sa_family == AF_INET &&
+		    !(copy_flags & SCTP_ADDR4_PEERSUPP))
+			continue;
+		if (addr->a.sa.sa_family == AF_INET6 &&
+		    (!(copy_flags & SCTP_ADDR6_ALLOWED) ||
+		     !(copy_flags & SCTP_ADDR6_PEERSUPP)))
+			continue;
+
+		if (sctp_bind_addr_state(bp, &addr->a) != -1)
+			continue;
+
+		error = sctp_add_bind_addr(bp, &addr->a, sizeof(addr->a),
+					   SCTP_ADDR_SRC, GFP_ATOMIC);
+		if (error)
+			break;
 	}

-end_copy:
 	rcu_read_unlock();
 	return error;
 }