From: Beniamino Galvani <b.galvani@gmail.com>
Date: Thu, 22 Feb 2018 17:09:33 +0000 (+0100)
Subject: libsystemd-network: fix endianness in ARP BPF filter (#8255)
X-Git-Tag: v238~66
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6afe9046d570fd86dbc04526b5685c64d7958086;p=thirdparty%2Fsystemd.git

libsystemd-network: fix endianness in ARP BPF filter (#8255)

Commit f11cba7479fe ("libsystemd-network: fix unaligned loads (issue #7654)")
changed the way in which the MAC address is read to use native endiannes:

 htobe32(*((uint32_t *)x)  ->  unaligned_read_ne32(x)

This is wrong because loads done with BPF_LD + BPF_ABS are big-endian, as it
can be seen for the ethertype and arp-operation loads above in the
filter.  Also, the same commit changed:

 htobe32(*((unsigned int *)x) -> unaligned_read_be32(x)

in _bind_raw_socket(), which is the correct form.

The commit broke IPv4LL in presence of loops, as the sender now considers its
own packets as conflicting.

Fixes: f11cba7479fe29a9dab9e3151bbca4302d173811
---

diff --git a/src/libsystemd-network/arp-util.c b/src/libsystemd-network/arp-util.c
index 89e68c7ac7f..b8e9b2e4963 100644
--- a/src/libsystemd-network/arp-util.c
+++ b/src/libsystemd-network/arp-util.c
@@ -49,12 +49,12 @@ int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_
                 BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0),                        /* protocol == reply ? */
                 BPF_STMT(BPF_RET + BPF_K, 0),                                                  /* ignore */
                 /* Sender Hardware Address must be different from our own */
-                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_ne32(&eth_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */
+                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be32(&eth_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */
                 BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                 BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)),       /* A <- 4 bytes of SHA */
                 BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* A xor X */
                 BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6),                                  /* A == 0 ? */
-                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_ne16(&eth_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */
+                BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be16(&eth_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */
                 BPF_STMT(BPF_MISC + BPF_TAX, 0),                                               /* X <- A */
                 BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4),   /* A <- remainder of SHA */
                 BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0),                                        /* A xor X */