diff options
| author | Srinivasarao P <spathi@codeaurora.org> | 2017-12-26 17:35:16 +0530 |
|---|---|---|
| committer | Srinivasarao P <spathi@codeaurora.org> | 2017-12-26 17:37:19 +0530 |
| commit | 9841ef2ef2d380f47d37d5f3e505fa1bb44f9ec6 (patch) | |
| tree | 49ad59fdd8941fb08eefc8383f29e576f59e766a /net/ipv4/ipip.c | |
| parent | 202fde333dc0065e2f2ca3539f5a06a9126f896d (diff) | |
| parent | 7eab308a49db1596e7dca26bbcaffdedf6818e9b (diff) | |
Merge android-4.4.99 (7eab308) into msm-4.4
* refs/heads/tmp-7eab308
Linux 4.4.99
misc: panel: properly restore atomic counter on error path
target: Fix node_acl demo-mode + uncached dynamic shutdown regression
target/iscsi: Fix iSCSI task reassignment handling
brcmfmac: remove setting IBSS mode when stopping AP
tipc: fix link attribute propagation bug
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
tcp/dccp: fix other lockdep splats accessing ireq_opt
tcp/dccp: fix lockdep splat in inet_csk_route_req()
tcp/dccp: fix ireq->opt races
ipip: only increase err_count for some certain type icmp in ipip_err
ppp: fix race in ppp device destruction
sctp: reset owner sk for data chunks on out queues when migrating a sock
tun: allow positive return values on dev_get_valid_name() call
ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
net/unix: don't show information about sockets from other namespaces
ipv6: flowlabel: do not leave opt->tot_len with garbage
packet: avoid panic in packet_getsockopt()
sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
tun: call dev_get_valid_name() before register_netdevice()
l2tp: check ps->sock before running pppol2tp_session_ioctl()
tcp: fix tcp_mtu_probe() vs highest_sack
tun/tap: sanitize TUNSETSNDBUF input
ALSA: seq: Cancel pending autoload work at unbinding device
Input: ims-psu - check if CDC union descriptor is sane
usb: usbtest: fix NULL pointer dereference
mac80211: don't compare TKIP TX MIC key in reinstall prevention
mac80211: use constant time comparison with keys
mac80211: accept key reinstall without changing anything
FROMLIST: binder: fix proc->files use-after-free
Change-Id: I9aaf4f803a5da1fc983879a214b2fddda7879f41
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Diffstat (limited to 'net/ipv4/ipip.c')
| -rw-r--r-- | net/ipv4/ipip.c | 58 |
1 files changed, 42 insertions, 16 deletions
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index a09fb0dec725..486b283a6cd1 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -129,42 +129,68 @@ static struct rtnl_link_ops ipip_link_ops __read_mostly; static int ipip_err(struct sk_buff *skb, u32 info) { -/* All the routers (except for Linux) return only - 8 bytes of packet payload. It means, that precise relaying of - ICMP in the real Internet is absolutely infeasible. - */ + /* All the routers (except for Linux) return only + 8 bytes of packet payload. It means, that precise relaying of + ICMP in the real Internet is absolutely infeasible. + */ struct net *net = dev_net(skb->dev); struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); const struct iphdr *iph = (const struct iphdr *)skb->data; - struct ip_tunnel *t; - int err; const int type = icmp_hdr(skb)->type; const int code = icmp_hdr(skb)->code; + struct ip_tunnel *t; + int err = 0; + + switch (type) { + case ICMP_DEST_UNREACH: + switch (code) { + case ICMP_SR_FAILED: + /* Impossible event. */ + goto out; + default: + /* All others are translated to HOST_UNREACH. + * rfc2003 contains "deep thoughts" about NET_UNREACH, + * I believe they are just ether pollution. --ANK + */ + break; + } + break; + + case ICMP_TIME_EXCEEDED: + if (code != ICMP_EXC_TTL) + goto out; + break; + + case ICMP_REDIRECT: + break; + + default: + goto out; + } - err = -ENOENT; t = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY, iph->daddr, iph->saddr, 0); - if (!t) + if (!t) { + err = -ENOENT; goto out; + } if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { - ipv4_update_pmtu(skb, dev_net(skb->dev), info, - t->parms.link, 0, IPPROTO_IPIP, 0); - err = 0; + ipv4_update_pmtu(skb, net, info, t->parms.link, 0, + iph->protocol, 0); goto out; } if (type == ICMP_REDIRECT) { - ipv4_redirect(skb, dev_net(skb->dev), t->parms.link, 0, - IPPROTO_IPIP, 0); - err = 0; + ipv4_redirect(skb, net, t->parms.link, 0, iph->protocol, 0); goto out; } - if (t->parms.iph.daddr == 0) + if (t->parms.iph.daddr == 0) { + err = -ENOENT; goto out; + } - err = 0; if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) goto out; |