From patchwork Tue Nov  8 14:41:42 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Brian Haley <brian.haley@hp.com>
X-Patchwork-Id: 124387
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 5A5971007D3
	for <patchwork-incoming@ozlabs.org>;
	Wed,  9 Nov 2011 01:51:47 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932352Ab1KHOvn (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Tue, 8 Nov 2011 09:51:43 -0500
Received: from g5t0007.atlanta.hp.com ([15.192.0.44]:8503 "EHLO
	g5t0007.atlanta.hp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755121Ab1KHOvm (ORCPT
	<rfc822;netdev@vger.kernel.org>); Tue, 8 Nov 2011 09:51:42 -0500
X-Greylist: delayed 597 seconds by postgrey-1.27 at vger.kernel.org;
	Tue, 08 Nov 2011 09:51:42 EST
Received: from g5t0012.atlanta.hp.com (unknown [15.192.0.16])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by g5t0007.atlanta.hp.com (Postfix) with ESMTPS id A42E71411C;
	Tue,  8 Nov 2011 14:41:44 +0000 (UTC)
Received: from [16.1.1.40] (c-24-62-108-14.hsd1.ma.comcast.net
	[24.62.108.14])
	by g5t0012.atlanta.hp.com (Postfix) with ESMTPSA id 5508510005;
	Tue,  8 Nov 2011 14:41:43 +0000 (UTC)
Message-ID: <4EB93FA6.3090709@hp.com>
Date: Tue, 08 Nov 2011 09:41:42 -0500
From: Brian Haley <brian.haley@hp.com>
Organization: HP Cloud Services
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.23) Gecko/20110921 Lightning/1.0b2 Thunderbird/3.1.15
MIME-Version: 1.0
To: David Miller <davem@davemloft.net>
CC: "netdev@vger.kernel.org" <netdev@vger.kernel.org>,
	Kumar Sanghvi <divinekumar@gmail.com>
Subject: [PATCH] ipv6: drop packets when source address is multicast
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

RFC 4291 Section 2.7 says Multicast addresses must not be used as source
addresses in IPv6 packets - drop them on input so we don't process the
packet further.

Signed-off-by: Brian Haley <brian.haley@hp.com>
Reported-and-Tested-by: Kumar Sanghvi <divinekumar@gmail.com>
---
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 027c7ff..a46c64e 100644
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -111,6 +111,14 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
 	    ipv6_addr_loopback(&hdr->daddr))
 		goto err;
 
+	/*
+	 * RFC4291 2.7
+	 * Multicast addresses must not be used as source addresses in IPv6
+	 * packets or appear in any Routing header.
+	 */
+	if (ipv6_addr_is_multicast(&hdr->saddr))
+		goto err;
+
 	skb->transport_header = skb->network_header + sizeof(*hdr);
 	IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);