[net-next v1] net/ipv6: allow any source address for sendmsg pktinfo with ip_nonlocal_bind

[Vincent Bernat]

When freebind feature is set of an IPv6 socket, any source address can
be used when sending UDP datagrams using IPv6 PKTINFO ancillary
message. Global non-local bind feature was added in commit
35a256fee52c ("ipv6: Nonlocal bind") for IPv6. This commit also allows
IPv6 source address spoofing when non-local bind feature is enabled.

Signed-off-by: Vincent Bernat <vinc...@bernat.im>
---
 net/ipv6/datagram.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 201306b9b5ea..c46936563b15 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/datagram.c
@@ -800,7 +800,8 @@ int ip6_datagram_send_ctl(struct net *net, struct sock *sk,
 
                        if (addr_type != IPV6_ADDR_ANY) {
                                int strict = __ipv6_addr_src_scope(addr_type) 
<= IPV6_ADDR_SCOPE_LINKLOCAL;
-                               if (!(inet_sk(sk)->freebind || 
inet_sk(sk)->transparent) &&
+                               if (!(net->ipv6.sysctl.ip_nonlocal_bind ||
+                                     inet_sk(sk)->freebind || 
inet_sk(sk)->transparent) &&
                                    !ipv6_chk_addr_and_flags(net, 
&src_info->ipi6_addr,
                                                             dev, !strict, 0,
                                                             IFA_F_TENTATIVE) &&
-- 
2.18.0