erspan: fix invalid erspan version. · tjh.dev/kernel@02f99df

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

erspan: fix invalid erspan version.

ERSPAN only support version 1 and 2. When packets send to an
erspan device which does not have proper version number set,
drop the packet. In real case, we observe multicast packets
sent to the erspan pernet device, erspan0, which does not have
erspan version configured.

Reported-by: Greg Rose <gvrose8192@gmail.com>
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

William Tu and committed by

David S. Miller 8 years ago 02f99df1 d13d170c

+7 -2

2 changed files

expand all

net

ipv4

ip_gre.c

ipv6

ip6_gre.c

+3 -1

net/ipv4/ip_gre.c

··· 722 722 erspan_build_header(skb, ntohl(tunnel->parms.o_key), 723 723 tunnel->index, 724 724 truncate, true); 725 - else 725 + else if (tunnel->erspan_ver == 2) 726 726 erspan_build_header_v2(skb, ntohl(tunnel->parms.o_key), 727 727 tunnel->dir, tunnel->hwid, 728 728 truncate, true); 729 + else 730 + goto free_skb; 729 731 730 732 tunnel->parms.o_flags &= ~TUNNEL_KEY; 731 733 __gre_xmit(skb, dev, &tunnel->parms.iph, htons(ETH_P_ERSPAN));

+4 -1

net/ipv6/ip6_gre.c

··· 979 979 erspan_build_header(skb, ntohl(t->parms.o_key), 980 980 t->parms.index, 981 981 truncate, false); 982 - else 982 + else if (t->parms.erspan_ver == 2) 983 983 erspan_build_header_v2(skb, ntohl(t->parms.o_key), 984 984 t->parms.dir, 985 985 t->parms.hwid, 986 986 truncate, false); 987 + else 988 + goto tx_err; 989 + 987 990 fl6.daddr = t->parms.raddr; 988 991 } 989 992