On 07/10/2018 06:16 PM, Casey Schaufler wrote:
> On 7/10/2018 8:44 AM, Piotr Sawicki wrote:
>> On 07/10/2018 05:21 PM, Casey Schaufler wrote:
>>> On 7/10/2018 12:05 AM, Piotr Sawicki wrote:
>>>> A socket which has sk_family set to PF_INET6 is able to receive not
>>>> only IPv6 but also IPv4 traffic (IPv4-mapped IPv6 addresses).
>>>>
>>>> Prior to this patch, the smk_skb_to_addr_ipv6() could have been
>>>> called for socket buffers containing IPv4 packets; as a result, such
>>>> traffic was allowed.
>>>>
>>>> Signed-off-by: Piotr Sawicki <p.sawicki2(a)partner.samsung.com>
>>> Looks fine from here. Do you have a simple test case?
>>
>> Yes, I've tested it on Tizen emulator.
>>
>> Tests are available here
>>
>> https://review.tizen.org/gerrit/#/admin/projects/platform/core/test/secur...,
>> branch nether.
> Can you identify the specific test? There's quite a bit to look through.
> Thank you.

ID:NETHER_IPV6_IPV4_LOCAL_INTER_APP_CONNECTION:nether_check_ipv6_srv_ipv4_udp_local_inter_app_connection_internet_access_granted
ID:NETHER_IPV6_IPV4_LOCAL_INTER_APP_CONNECTION:nether_check_ipv6_srv_ipv4_udp_local_inter_app_connection_internet_access_denied

It's a new thing, so tests are still in review:
https://review.tizen.org/gerrit/#/c/183458/

To run the tests on the emulator you also need to apply these patches:
(Nether)
https://review.tizen.org/gerrit/#/c/183464/ and turn on IPv6
connection tracking in the kernel. I've used a kernel downloaded from
https://review.tizen.org/gerrit/#/admin/projects/sdk/emulator/emulator-ke...
branch tizen.

I know that these tests are Tizen specific, and it might be really time
consuming to prepare an environment for them. So, I propose to just use
the netcat tool and run one of its instances as a UDP server listening
on IPv6 address [::] and the second one as an IPv4 client.

e.g.

    server: nc -6 -l -u 20000
    client: nc -u 127.0.0.1 20000

In the case of TCP connections, access is properly checked in
smack_inet_conn_request(). But when IPv4-mapped IPv6 addresses are used
and two processes have write access to each other,
smack_socket_sock_rcv_skb() will call the smk_skb_to_addr_ipv6() function
for IPv4 packets.
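
The netcat check proposed above, as a single script. This is an added example, not part of the original message or of the Tizen test suite. The function name, the status strings and the use of an ephemeral port instead of 20000 are assumptions made for illustration.

```python
import ipaddress
import socket


def probe_v4_to_v6_udp(payload=b"constructed test datagram", timeout=2.0):
    """Send one IPv4 UDP datagram to a UDP server bound to [::].

    Same shape as `nc -6 -l -u` plus `nc -u 127.0.0.1`, in one process.
    Returns a dict whose "status" is "delivered", "dropped" or "unsupported".
    """
    try:
        srv = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
        cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    except OSError:
        return {"status": "unsupported"}  # no IPv6 (or no sockets) here
    with srv, cli:
        try:
            # Dual-stack: the PF_INET6 socket also accepts IPv4 traffic.
            srv.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 0)
            srv.bind(("::", 0))  # ephemeral port (assumption, not 20000)
            srv.settimeout(timeout)
            port = srv.getsockname()[1]
            cli.sendto(payload, ("127.0.0.1", port))
        except OSError:
            return {"status": "unsupported"}
        try:
            data, peer = srv.recvfrom(4096)
        except socket.timeout:
            # Nothing arrived: the datagram was filtered or denied.
            return {"status": "dropped"}
        # The IPv4 sender shows up as an IPv4-mapped IPv6 address,
        # e.g. ::ffff:127.0.0.1, on the PF_INET6 socket.
        mapped = ipaddress.IPv6Address(peer[0]).ipv4_mapped
        return {
            "status": "delivered",
            "data": data,
            "peer": peer[0],
            "mapped_ipv4": str(mapped) if mapped else None,
        }


if __name__ == "__main__":
    print(probe_v4_to_v6_udp())
```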