diff options
| author | Eric Dumazet <edumazet@google.com> | 2015-03-24 18:58:54 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2015-03-24 21:16:29 -0400 |
| commit | ff74e23f7edb3759d1290b10f80222e3bbb6304b (patch) | |
| tree | 72cb9b6121234d31fc179bf9d780c51f3c3a6e85 /net/ipv6 | |
| parent | 0980c1e3084572b1d6c35ace5d795cf68b7ae409 (diff) | |
tcp: md5: input path is run under rcu protected sections
It is guaranteed that both tcp_v4_rcv() and tcp_v6_rcv()
run from rcu read locked sections :
ip_local_deliver_finish() and ip6_input_finish() both
use rcu_read_lock()
Also align tcp_v6_inbound_md5_hash() on tcp_v4_inbound_md5_hash()
by returning a boolean.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 25 |
1 files changed, 6 insertions, 19 deletions
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 4a4e6d30c448..078e7d0f4cd8 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
| @@ -633,8 +633,7 @@ clear_hash_noput: | |||
| 633 | return 1; | 633 | return 1; |
| 634 | } | 634 | } |
| 635 | 635 | ||
| 636 | static int __tcp_v6_inbound_md5_hash(struct sock *sk, | 636 | static bool tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb) |
| 637 | const struct sk_buff *skb) | ||
| 638 | { | 637 | { |
| 639 | const __u8 *hash_location = NULL; | 638 | const __u8 *hash_location = NULL; |
| 640 | struct tcp_md5sig_key *hash_expected; | 639 | struct tcp_md5sig_key *hash_expected; |
| @@ -648,16 +647,16 @@ static int __tcp_v6_inbound_md5_hash(struct sock *sk, | |||
| 648 | 647 | ||
| 649 | /* We've parsed the options - do we have a hash? */ | 648 | /* We've parsed the options - do we have a hash? */ |
| 650 | if (!hash_expected && !hash_location) | 649 | if (!hash_expected && !hash_location) |
| 651 | return 0; | 650 | return false; |
| 652 | 651 | ||
| 653 | if (hash_expected && !hash_location) { | 652 | if (hash_expected && !hash_location) { |
| 654 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); | 653 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); |
| 655 | return 1; | 654 | return true; |
| 656 | } | 655 | } |
| 657 | 656 | ||
| 658 | if (!hash_expected && hash_location) { | 657 | if (!hash_expected && hash_location) { |
| 659 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); | 658 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); |
| 660 | return 1; | 659 | return true; |
| 661 | } | 660 | } |
| 662 | 661 | ||
| 663 | /* check the signature */ | 662 | /* check the signature */ |
| @@ -670,22 +669,10 @@ static int __tcp_v6_inbound_md5_hash(struct sock *sk, | |||
| 670 | genhash ? "failed" : "mismatch", | 669 | genhash ? "failed" : "mismatch", |
| 671 | &ip6h->saddr, ntohs(th->source), | 670 | &ip6h->saddr, ntohs(th->source), |
| 672 | &ip6h->daddr, ntohs(th->dest)); | 671 | &ip6h->daddr, ntohs(th->dest)); |
| 673 | return 1; | 672 | return true; |
| 674 | } | 673 | } |
| 675 | return 0; | 674 | return false; |
| 676 | } | ||
| 677 | |||
| 678 | static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb) | ||
| 679 | { | ||
| 680 | int ret; | ||
| 681 | |||
| 682 | rcu_read_lock(); | ||
| 683 | ret = __tcp_v6_inbound_md5_hash(sk, skb); | ||
| 684 | rcu_read_unlock(); | ||
| 685 | |||
| 686 | return ret; | ||
| 687 | } | 675 | } |
| 688 | |||
| 689 | #endif | 676 | #endif |
| 690 | 677 | ||
| 691 | static void tcp_v6_init_req(struct request_sock *req, struct sock *sk, | 678 | static void tcp_v6_init_req(struct request_sock *req, struct sock *sk, |