diff options
| author | Jiri Benc <jbenc@redhat.com> | 2016-04-29 17:31:32 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2016-05-02 00:19:58 -0400 |
| commit | b7f8fe251e4609e2a437bd2c2dea01e61db6849c (patch) | |
| tree | 2c1fec745c1ddb827e787b68e16b8ca987874aeb /net | |
| parent | 2c94b53738549d81dc7464a32117d1f5112c64d3 (diff) | |
gre: do not pull header in ICMP error processing
iptunnel_pull_header expects that IP header was already pulled; with this
expectation, it pulls the tunnel header. This is not true in gre_err.
Furthermore, ipv4_update_pmtu and ipv4_redirect expect that skb->data points
to the IP header.
We cannot pull the tunnel header in this path. It's just a matter of not
calling iptunnel_pull_header - we don't need any of its effects.
Fixes: bda7bb463436 ("gre: Allow multiple protocol listener for gre protocol.")
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/ip_gre.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index f502d34bcb40..205a2b8a5a84 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c | |||
| @@ -179,6 +179,7 @@ static __be16 tnl_flags_to_gre_flags(__be16 tflags) | |||
| 179 | return flags; | 179 | return flags; |
| 180 | } | 180 | } |
| 181 | 181 | ||
| 182 | /* Fills in tpi and returns header length to be pulled. */ | ||
| 182 | static int parse_gre_header(struct sk_buff *skb, struct tnl_ptk_info *tpi, | 183 | static int parse_gre_header(struct sk_buff *skb, struct tnl_ptk_info *tpi, |
| 183 | bool *csum_err) | 184 | bool *csum_err) |
| 184 | { | 185 | { |
| @@ -238,7 +239,7 @@ static int parse_gre_header(struct sk_buff *skb, struct tnl_ptk_info *tpi, | |||
| 238 | return -EINVAL; | 239 | return -EINVAL; |
| 239 | } | 240 | } |
| 240 | } | 241 | } |
| 241 | return iptunnel_pull_header(skb, hdr_len, tpi->proto, false); | 242 | return hdr_len; |
| 242 | } | 243 | } |
| 243 | 244 | ||
| 244 | static void ipgre_err(struct sk_buff *skb, u32 info, | 245 | static void ipgre_err(struct sk_buff *skb, u32 info, |
| @@ -341,7 +342,7 @@ static void gre_err(struct sk_buff *skb, u32 info) | |||
| 341 | struct tnl_ptk_info tpi; | 342 | struct tnl_ptk_info tpi; |
| 342 | bool csum_err = false; | 343 | bool csum_err = false; |
| 343 | 344 | ||
| 344 | if (parse_gre_header(skb, &tpi, &csum_err)) { | 345 | if (parse_gre_header(skb, &tpi, &csum_err) < 0) { |
| 345 | if (!csum_err) /* ignore csum errors. */ | 346 | if (!csum_err) /* ignore csum errors. */ |
| 346 | return; | 347 | return; |
| 347 | } | 348 | } |
| @@ -419,6 +420,7 @@ static int gre_rcv(struct sk_buff *skb) | |||
| 419 | { | 420 | { |
| 420 | struct tnl_ptk_info tpi; | 421 | struct tnl_ptk_info tpi; |
| 421 | bool csum_err = false; | 422 | bool csum_err = false; |
| 423 | int hdr_len; | ||
| 422 | 424 | ||
| 423 | #ifdef CONFIG_NET_IPGRE_BROADCAST | 425 | #ifdef CONFIG_NET_IPGRE_BROADCAST |
| 424 | if (ipv4_is_multicast(ip_hdr(skb)->daddr)) { | 426 | if (ipv4_is_multicast(ip_hdr(skb)->daddr)) { |
| @@ -428,7 +430,10 @@ static int gre_rcv(struct sk_buff *skb) | |||
| 428 | } | 430 | } |
| 429 | #endif | 431 | #endif |
| 430 | 432 | ||
| 431 | if (parse_gre_header(skb, &tpi, &csum_err) < 0) | 433 | hdr_len = parse_gre_header(skb, &tpi, &csum_err); |
| 434 | if (hdr_len < 0) | ||
| 435 | goto drop; | ||
| 436 | if (iptunnel_pull_header(skb, hdr_len, tpi.proto, false) < 0) | ||
| 432 | goto drop; | 437 | goto drop; |
| 433 | 438 | ||
| 434 | if (ipgre_rcv(skb, &tpi) == PACKET_RCVD) | 439 | if (ipgre_rcv(skb, &tpi) == PACKET_RCVD) |