Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 486204

Summary: [ipv6 RAW] Disallow IPPROTO_IPV6-level IPV6_CHECKSUM socket option on ICMPv6 sockets
Product: Red Hat Enterprise Linux 5 Reporter: Dave Maley <dmaley>
Component: kernelAssignee: Jiri Pirko <jpirko>
Status: CLOSED ERRATA QA Contact: Red Hat Kernel QE team <kernel-qe>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.3CC: cward, dzickus, emcnabb, nhorman, qcai, rkhan, tao, tgraf
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-02 08:49:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
reproducer
none
patch provided by partner none

Description Dave Maley 2009-02-18 20:59:27 UTC 
Description of problem:
RFC3542 tells that 'IPV6_CHECKSUM' socket option in the 'IPPROTO_IPV6' level is not allowed on ICMPv6 sockets.  So When use setsockopt() with option 'IPV6_CHECKSUM' and level 'IPPROTO_IPV6' on ICMPv6 sockets, kernel should return an error 'EINVAL'.


Version-Release number of selected component (if applicable):
2.6.18-128.EL


How reproducible:
every time


Steps to Reproduce:
(see attached reproducer)
1. # gcc -o raw-3 raw-3.c
2. # ./raw-3

  
Actual results:
Kernel return 0

Reproduce program log.
# ./raw-3
== create an IPv6 raw socket ==
== set the value of IPV6_CHECKSUM option ==
kernel return: 0
ERROR: sucess to set IPV6_CHECKSUM socket option in the IPPROTO_IPV6 level on ICMPv6 sockets
<=====NG=====>


Expected results:
Kernel return 'EINVAL'


Additional info:
The reproduction program:
  raw-3.c

The patch file is attached:
  file: net-fix-return-value-when-set-IPV6_CHECKSUM-on-raw-sockets.patch

This patch has already been applied for the Community's kernel.
Comment 1 Dave Maley 2009-02-18 21:00:56 UTC 
Created attachment 332451 [details]
reproducer

# gcc -o raw-3 raw-3.c
# ./raw-3
Comment 2 Dave Maley 2009-02-18 21:01:58 UTC 
Created attachment 332452 [details]
patch provided by partner

upstream info:
commit 1a98d05f59704d60be85b03f727964e15c77224c
Author: YOSHIFUJI Hideaki <yoshfuji>
Date:   Thu Apr 24 21:30:38 2008 -0700
Comment 5 RHEL Program Management 2009-03-10 19:48:09 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 6 Don Zickus 2009-03-23 15:53:17 UTC 
in kernel-2.6.18-136.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.
Comment 9 Chris Ward 2009-07-03 18:25:05 UTC 
~~ Attention - RHEL 5.4 Beta Released! ~~

RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner!

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value.

Questions can be posted to this bug or your customer or partner representative.
Comment 10 Chris Ward 2009-07-10 19:11:11 UTC 
~~ Attention Partners - RHEL 5.4 Snapshot 1 Released! ~~

RHEL 5.4 Snapshot 1 has been released on partners.redhat.com. If you have already reported your test results, you can safely ignore this request. Otherwise, please notice that there should be a fix available now that addresses this particular request. Please test and report back your results here, at your earliest convenience. The RHEL 5.4 exception freeze is quickly approaching.

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Do not flip the bug status to VERIFIED. Instead, please set your Partner ID in the Verified field above if you have successfully verified the resolution of this issue. 

Further questions can be directed to your Red Hat Partner Manager or other appropriate customer representative.
Comment 13 errata-xmlrpc 2009-09-02 08:49:19 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-1243.html