diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-10-31 08:22:56 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-10-31 08:22:56 +0000 |
commit | 2929b6f1f86a65923fe319dc9dabd9c01e0fb25f (patch) | |
tree | e8bab6b16c9368d684c6edb3b211132e35af6206 | |
parent | 537d647f0dca7a8c4ef875fc5d916965a0e3882f (diff) | |
parent | df88f223bb5474a462da65ede6f266eb52f1b2ef (diff) |
Merge release-20201019.0-115-gdf88f223b (automated)
-rw-r--r-- | pkg/tcpip/header/ipv6.go | 6 | ||||
-rw-r--r-- | pkg/tcpip/stack/stack.go | 7 |
2 files changed, 12 insertions, 1 deletions
diff --git a/pkg/tcpip/header/ipv6.go b/pkg/tcpip/header/ipv6.go index 09cb153b1..4e7e5f76a 100644 --- a/pkg/tcpip/header/ipv6.go +++ b/pkg/tcpip/header/ipv6.go @@ -375,6 +375,12 @@ func IsV6LinkLocalAddress(addr tcpip.Address) bool { return addr[0] == 0xfe && (addr[1]&0xc0) == 0x80 } +// IsV6LoopbackAddress determines if the provided address is an IPv6 loopback +// address. +func IsV6LoopbackAddress(addr tcpip.Address) bool { + return addr == IPv6Loopback +} + // IsV6LinkLocalMulticastAddress determines if the provided address is an IPv6 // link-local multicast address. func IsV6LinkLocalMulticastAddress(addr tcpip.Address) bool { diff --git a/pkg/tcpip/stack/stack.go b/pkg/tcpip/stack/stack.go index 25ea6b459..ba0e1a7ec 100644 --- a/pkg/tcpip/stack/stack.go +++ b/pkg/tcpip/stack/stack.go @@ -1210,7 +1210,9 @@ func (s *Stack) FindRoute(id tcpip.NICID, localAddr, remoteAddr tcpip.Address, n isLocalBroadcast := remoteAddr == header.IPv4Broadcast isMulticast := header.IsV4MulticastAddress(remoteAddr) || header.IsV6MulticastAddress(remoteAddr) - needRoute := !(isLocalBroadcast || isMulticast || header.IsV6LinkLocalAddress(remoteAddr)) + isLinkLocal := header.IsV6LinkLocalAddress(remoteAddr) || header.IsV6LinkLocalMulticastAddress(remoteAddr) + IsLoopback := header.IsV4LoopbackAddress(remoteAddr) || header.IsV6LoopbackAddress(remoteAddr) + needRoute := !(isLocalBroadcast || isMulticast || isLinkLocal || IsLoopback) if id != 0 && !needRoute { if nic, ok := s.nics[id]; ok && nic.Enabled() { if addressEndpoint := s.getAddressEP(nic, localAddr, remoteAddr, netProto); addressEndpoint != nil { @@ -1246,6 +1248,9 @@ func (s *Stack) FindRoute(id tcpip.NICID, localAddr, remoteAddr tcpip.Address, n } if !needRoute { + if IsLoopback { + return Route{}, tcpip.ErrBadLocalAddress + } return Route{}, tcpip.ErrNetworkUnreachable } |