diff options
| author | Greg Kroah-Hartman <gregkh@google.com> | 2021-04-07 13:34:18 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@google.com> | 2021-04-07 13:34:18 +0200 |
| commit | 816b5bcff6fe2e18ee7e30a300c13e1e97d51f23 (patch) | |
| tree | 440ad4885111bdc92d9ae4be4a400d763cf178d6 /net/ipv6 | |
| parent | 7a842f5f3a816a818dc89e4ec4cffb7a32a38543 (diff) | |
| parent | a0c646821e9dedc5368abd2f71f50ebe2c351d19 (diff) | |
Merge 4.4.265 into android-4.4-p
Changes in 4.4.265
selinux: vsock: Set SID for socket returned by accept()
ipv6: weaken the v4mapped source check
ext4: fix bh ref count on error paths
rpc: fix NULL dereference on kmalloc failure
ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10
ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10
ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe
scsi: st: Fix a use after free in st_open()
scsi: qla2xxx: Fix broken #endif placement
staging: comedi: cb_pcidas: fix request_irq() warn
staging: comedi: cb_pcidas64: fix request_irq() warn
ext4: do not iput inode under running transaction in ext4_rename()
appletalk: Fix skb allocation size in loopback case
net: wan/lmc: unregister device when no matching device is found
ALSA: usb-audio: Apply sample rate quirk to Logitech Connect
ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook
tracing: Fix stack trace event size
mm: fix race by making init_zero_pfn() early_initcall
reiserfs: update reiserfs_xattrs_initialized() condition
pinctrl: rockchip: fix restore error in resume
extcon: Fix error handling in extcon_dev_register
firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
cdc-acm: fix BREAK rx code path adding necessary calls
USB: cdc-acm: downgrade message to debug
USB: cdc-acm: fix use-after-free after probe failure
staging: rtl8192e: Fix incorrect source in memcpy()
staging: rtl8192e: Change state information from u16 to u8
Linux 4.4.265
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I23368777e608080ef12898664935fe7394c5f40d
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/ip6_input.c | 10 | ||||
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 5 |
2 files changed, 5 insertions, 10 deletions
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c index c83c0faf5ae9..9075acf081dd 100644 --- a/net/ipv6/ip6_input.c +++ b/net/ipv6/ip6_input.c @@ -151,16 +151,6 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt if (ipv6_addr_is_multicast(&hdr->saddr)) goto err; - /* While RFC4291 is not explicit about v4mapped addresses - * in IPv6 headers, it seems clear linux dual-stack - * model can not deal properly with these. - * Security models could be fooled by ::ffff:127.0.0.1 for example. - * - * https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02 - */ - if (ipv6_addr_v4mapped(&hdr->saddr)) - goto err; - skb->transport_header = skb->network_header + sizeof(*hdr); IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr); diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 46f93529da7e..2102604b7a37 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -980,6 +980,11 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) if (!ipv6_unicast_destination(skb)) goto drop; + if (ipv6_addr_v4mapped(&ipv6_hdr(skb)->saddr)) { + IP6_INC_STATS_BH(sock_net(sk), NULL, IPSTATS_MIB_INHDRERRORS); + return 0; + } + return tcp_conn_request(&tcp6_request_sock_ops, &tcp_request_sock_ipv6_ops, sk, skb); |