morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 08:25:20 +09:00
Code Issues Packages Projects Releases Wiki Activity

ssh-generator: filter out bogus vsock addresses

Browse Source 
When VirtIO VSOCK device is not present, IOCTL_VM_SOCKETS_GET_LOCAL_CID
returns VMADDR_CID_LOCAL/1, and we issue a hint to connect to vsock%1.
This does not work. Filter out VMADDR_CID_LOCAL and VMADDR_CID_HOST,
those are not real addresses that can be used from the outside.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek
2025-11-05 18:39:09 +01:00
parent 3bfdc950f7
commit 492ae9ec4e
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/basic/socket-util.c
View File

@@ -1932,6 +1932,13 @@ int vsock_get_local_cid(unsigned *ret) {
return log_debug_errno(errno, "Failed to query local AF_VSOCK CID: %m");
log_debug("Local AF_VSOCK CID: %u", tmp);
/* If ret == NULL, we're just want to check if AF_VSOCK is available, so accept
* any address. Otherwise, filter out special addresses that are cannot be used
* to identify _this_ machine from the outside. */
if (ret && IN_SET(tmp, VMADDR_CID_LOCAL, VMADDR_CID_HOST))
return log_debug_errno(SYNTHETIC_ERRNO(EADDRNOTAVAIL),
"IOCTL_VM_SOCKETS_GET_LOCAL_CID returned special value (%u), ignoring.", tmp);
if (ret)
*ret = tmp;
return 0;