diff options
Diffstat (limited to 'net/ipv4/icmp.c')
| -rw-r--r-- | net/ipv4/icmp.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index 017900172f7d..b39a37a47545 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c | |||
| @@ -64,7 +64,6 @@ | |||
| 64 | * | 64 | * |
| 65 | */ | 65 | */ |
| 66 | 66 | ||
| 67 | #include <linux/config.h> | ||
| 68 | #include <linux/module.h> | 67 | #include <linux/module.h> |
| 69 | #include <linux/types.h> | 68 | #include <linux/types.h> |
| 70 | #include <linux/jiffies.h> | 69 | #include <linux/jiffies.h> |
| @@ -105,7 +104,7 @@ struct icmp_bxm { | |||
| 105 | 104 | ||
| 106 | struct { | 105 | struct { |
| 107 | struct icmphdr icmph; | 106 | struct icmphdr icmph; |
| 108 | __u32 times[3]; | 107 | __be32 times[3]; |
| 109 | } data; | 108 | } data; |
| 110 | int head_len; | 109 | int head_len; |
| 111 | struct ip_options replyopts; | 110 | struct ip_options replyopts; |
| @@ -188,11 +187,11 @@ struct icmp_err icmp_err_convert[] = { | |||
| 188 | }; | 187 | }; |
| 189 | 188 | ||
| 190 | /* Control parameters for ECHO replies. */ | 189 | /* Control parameters for ECHO replies. */ |
| 191 | int sysctl_icmp_echo_ignore_all; | 190 | int sysctl_icmp_echo_ignore_all __read_mostly; |
| 192 | int sysctl_icmp_echo_ignore_broadcasts = 1; | 191 | int sysctl_icmp_echo_ignore_broadcasts __read_mostly = 1; |
| 193 | 192 | ||
| 194 | /* Control parameter - ignore bogus broadcast responses? */ | 193 | /* Control parameter - ignore bogus broadcast responses? */ |
| 195 | int sysctl_icmp_ignore_bogus_error_responses = 1; | 194 | int sysctl_icmp_ignore_bogus_error_responses __read_mostly = 1; |
| 196 | 195 | ||
| 197 | /* | 196 | /* |
| 198 | * Configurable global rate limit. | 197 | * Configurable global rate limit. |
| @@ -206,9 +205,9 @@ int sysctl_icmp_ignore_bogus_error_responses = 1; | |||
| 206 | * time exceeded (11), parameter problem (12) | 205 | * time exceeded (11), parameter problem (12) |
| 207 | */ | 206 | */ |
| 208 | 207 | ||
| 209 | int sysctl_icmp_ratelimit = 1 * HZ; | 208 | int sysctl_icmp_ratelimit __read_mostly = 1 * HZ; |
| 210 | int sysctl_icmp_ratemask = 0x1818; | 209 | int sysctl_icmp_ratemask __read_mostly = 0x1818; |
| 211 | int sysctl_icmp_errors_use_inbound_ifaddr; | 210 | int sysctl_icmp_errors_use_inbound_ifaddr __read_mostly; |
| 212 | 211 | ||
| 213 | /* | 212 | /* |
| 214 | * ICMP control array. This specifies what to do with each ICMP. | 213 | * ICMP control array. This specifies what to do with each ICMP. |
| @@ -382,7 +381,7 @@ static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb) | |||
| 382 | struct inet_sock *inet = inet_sk(sk); | 381 | struct inet_sock *inet = inet_sk(sk); |
| 383 | struct ipcm_cookie ipc; | 382 | struct ipcm_cookie ipc; |
| 384 | struct rtable *rt = (struct rtable *)skb->dst; | 383 | struct rtable *rt = (struct rtable *)skb->dst; |
| 385 | u32 daddr; | 384 | __be32 daddr; |
| 386 | 385 | ||
| 387 | if (ip_options_echo(&icmp_param->replyopts, skb)) | 386 | if (ip_options_echo(&icmp_param->replyopts, skb)) |
| 388 | return; | 387 | return; |
| @@ -407,6 +406,7 @@ static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb) | |||
| 407 | .saddr = rt->rt_spec_dst, | 406 | .saddr = rt->rt_spec_dst, |
| 408 | .tos = RT_TOS(skb->nh.iph->tos) } }, | 407 | .tos = RT_TOS(skb->nh.iph->tos) } }, |
| 409 | .proto = IPPROTO_ICMP }; | 408 | .proto = IPPROTO_ICMP }; |
| 409 | security_skb_classify_flow(skb, &fl); | ||
| 410 | if (ip_route_output_key(&rt, &fl)) | 410 | if (ip_route_output_key(&rt, &fl)) |
| 411 | goto out_unlock; | 411 | goto out_unlock; |
| 412 | } | 412 | } |
| @@ -430,14 +430,14 @@ out_unlock: | |||
| 430 | * MUST reply to only the first fragment. | 430 | * MUST reply to only the first fragment. |
| 431 | */ | 431 | */ |
| 432 | 432 | ||
| 433 | void icmp_send(struct sk_buff *skb_in, int type, int code, u32 info) | 433 | void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info) |
| 434 | { | 434 | { |
| 435 | struct iphdr *iph; | 435 | struct iphdr *iph; |
| 436 | int room; | 436 | int room; |
| 437 | struct icmp_bxm icmp_param; | 437 | struct icmp_bxm icmp_param; |
| 438 | struct rtable *rt = (struct rtable *)skb_in->dst; | 438 | struct rtable *rt = (struct rtable *)skb_in->dst; |
| 439 | struct ipcm_cookie ipc; | 439 | struct ipcm_cookie ipc; |
| 440 | u32 saddr; | 440 | __be32 saddr; |
| 441 | u8 tos; | 441 | u8 tos; |
| 442 | 442 | ||
| 443 | if (!rt) | 443 | if (!rt) |
| @@ -561,6 +561,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, u32 info) | |||
| 561 | } | 561 | } |
| 562 | } | 562 | } |
| 563 | }; | 563 | }; |
| 564 | security_skb_classify_flow(skb_in, &fl); | ||
| 564 | if (ip_route_output_key(&rt, &fl)) | 565 | if (ip_route_output_key(&rt, &fl)) |
| 565 | goto out_unlock; | 566 | goto out_unlock; |
| 566 | } | 567 | } |
| @@ -894,7 +895,7 @@ static void icmp_address_reply(struct sk_buff *skb) | |||
| 894 | if (in_dev->ifa_list && | 895 | if (in_dev->ifa_list && |
| 895 | IN_DEV_LOG_MARTIANS(in_dev) && | 896 | IN_DEV_LOG_MARTIANS(in_dev) && |
| 896 | IN_DEV_FORWARD(in_dev)) { | 897 | IN_DEV_FORWARD(in_dev)) { |
| 897 | u32 _mask, *mp; | 898 | __be32 _mask, *mp; |
| 898 | 899 | ||
| 899 | mp = skb_header_pointer(skb, 0, sizeof(_mask), &_mask); | 900 | mp = skb_header_pointer(skb, 0, sizeof(_mask), &_mask); |
| 900 | BUG_ON(mp == NULL); | 901 | BUG_ON(mp == NULL); |
| @@ -929,7 +930,7 @@ int icmp_rcv(struct sk_buff *skb) | |||
| 929 | ICMP_INC_STATS_BH(ICMP_MIB_INMSGS); | 930 | ICMP_INC_STATS_BH(ICMP_MIB_INMSGS); |
| 930 | 931 | ||
| 931 | switch (skb->ip_summed) { | 932 | switch (skb->ip_summed) { |
| 932 | case CHECKSUM_HW: | 933 | case CHECKSUM_COMPLETE: |
| 933 | if (!(u16)csum_fold(skb->csum)) | 934 | if (!(u16)csum_fold(skb->csum)) |
| 934 | break; | 935 | break; |
| 935 | /* fall through */ | 936 | /* fall through */ |