On 11/2/16 6:36 AM, Cyrill Gorcunov wrote: > Also I have a question about sockets lookup not for raw diag only > (though I didn't modify lookup procedure) but in general: the structure > inet_diag_req_v2 has inet_diag_sockid::idiag_if member which supposed to > carry interface index from userspace request. > > Then for example in INET_MATCH (include/net/inet_hashtables.h), > the __dif parameter (which is @idiag_if) compared with @sk_bound_dev_if > *iif* the sk_bound_dev_if has been ever set. Thus if say someone > looks up for paticular device with specified index if the > rest of parameters match and SO_BINDTODEVICE never been called > for this device we return the socket even if idiag_if is not zero. > Is it supposed to be so? Or I miss something obvious? > > I mean this snippet > > > (!(__sk)->sk_bound_dev_if || \ > ((__sk)->sk_bound_dev_if == (__dif))) && \ > > when someone calls for destory sockets on particular interface and > @__dif != 0 the match may return socket where sk_bound_dev_if = 0 > instead of completely matching one. Isn't it?
yes. I recently added an exact_dif to the lookup for listener sockets (see compute_score). Something like that could be added to INET_MATCH.
