commit 071f92d05967a0c8422f1c8587ce0b4d90a8b447 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

net: The world is not perfect patch.

Unless there will be any objection here, I suggest consider the
following patch which simply removes the code for the
-DI_WISH_WORLD_WERE_PERFECT in the three methods which use it.

The compilation errors we get when using -DI_WISH_WORLD_WERE_PERFECT
show that this code was not built and not used for really a long time.

Signed-off-by: Rami Rosen <ramirose@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by Rami Rosen and committed by David S. Miller 17 years ago 071f92d0 4b749440

+3 -362

3 changed files

expand all

unified split

net

ipv4

ip_gre.c

ipip.c

ipv6

sit.c

+1 -145

net/ipv4/ip_gre.c

··· 313 314 static void ipgre_err(struct sk_buff *skb, u32 info) 315 { 316 - #ifndef I_WISH_WORLD_WERE_PERFECT 317 318 - /* It is not :-( All the routers (except for Linux) return only 319 8 bytes of packet payload. It means, that precise relaying of 320 ICMP in the real Internet is absolutely infeasible. 321 ··· 397 out: 398 read_unlock(&ipgre_lock); 399 return; 400 - #else 401 - struct iphdr *iph = (struct iphdr*)dp; 402 - struct iphdr *eiph; 403 - __be16 *p = (__be16*)(dp+(iph->ihl<<2)); 404 - const int type = icmp_hdr(skb)->type; 405 - const int code = icmp_hdr(skb)->code; 406 - int rel_type = 0; 407 - int rel_code = 0; 408 - __be32 rel_info = 0; 409 - __u32 n = 0; 410 - __be16 flags; 411 - int grehlen = (iph->ihl<<2) + 4; 412 - struct sk_buff *skb2; 413 - struct flowi fl; 414 - struct rtable *rt; 415 - 416 - if (p[1] != htons(ETH_P_IP)) 417 - return; 418 - 419 - flags = p[0]; 420 - if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 421 - if (flags&(GRE_VERSION|GRE_ROUTING)) 422 - return; 423 - if (flags&GRE_CSUM) 424 - grehlen += 4; 425 - if (flags&GRE_KEY) 426 - grehlen += 4; 427 - if (flags&GRE_SEQ) 428 - grehlen += 4; 429 - } 430 - if (len < grehlen + sizeof(struct iphdr)) 431 - return; 432 - eiph = (struct iphdr*)(dp + grehlen); 433 - 434 - switch (type) { 435 - default: 436 - return; 437 - case ICMP_PARAMETERPROB: 438 - n = ntohl(icmp_hdr(skb)->un.gateway) >> 24; 439 - if (n < (iph->ihl<<2)) 440 - return; 441 - 442 - /* So... This guy found something strange INSIDE encapsulated 443 - packet. Well, he is fool, but what can we do ? 444 - */ 445 - rel_type = ICMP_PARAMETERPROB; 446 - n -= grehlen; 447 - rel_info = htonl(n << 24); 448 - break; 449 - 450 - case ICMP_DEST_UNREACH: 451 - switch (code) { 452 - case ICMP_SR_FAILED: 453 - case ICMP_PORT_UNREACH: 454 - /* Impossible event. */ 455 - return; 456 - case ICMP_FRAG_NEEDED: 457 - /* And it is the only really necessary thing :-) */ 458 - n = ntohs(icmp_hdr(skb)->un.frag.mtu); 459 - if (n < grehlen+68) 460 - return; 461 - n -= grehlen; 462 - /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 463 - if (n > ntohs(eiph->tot_len)) 464 - return; 465 - rel_info = htonl(n); 466 - break; 467 - default: 468 - /* All others are translated to HOST_UNREACH. 469 - rfc2003 contains "deep thoughts" about NET_UNREACH, 470 - I believe, it is just ether pollution. --ANK 471 - */ 472 - rel_type = ICMP_DEST_UNREACH; 473 - rel_code = ICMP_HOST_UNREACH; 474 - break; 475 - } 476 - break; 477 - case ICMP_TIME_EXCEEDED: 478 - if (code != ICMP_EXC_TTL) 479 - return; 480 - break; 481 - } 482 - 483 - /* Prepare fake skb to feed it to icmp_send */ 484 - skb2 = skb_clone(skb, GFP_ATOMIC); 485 - if (skb2 == NULL) 486 - return; 487 - dst_release(skb2->dst); 488 - skb2->dst = NULL; 489 - skb_pull(skb2, skb->data - (u8*)eiph); 490 - skb_reset_network_header(skb2); 491 - 492 - /* Try to guess incoming interface */ 493 - memset(&fl, 0, sizeof(fl)); 494 - fl.fl4_dst = eiph->saddr; 495 - fl.fl4_tos = RT_TOS(eiph->tos); 496 - fl.proto = IPPROTO_GRE; 497 - if (ip_route_output_key(dev_net(skb->dev), &rt, &fl)) { 498 - kfree_skb(skb2); 499 - return; 500 - } 501 - skb2->dev = rt->u.dst.dev; 502 - 503 - /* route "incoming" packet */ 504 - if (rt->rt_flags&RTCF_LOCAL) { 505 - ip_rt_put(rt); 506 - rt = NULL; 507 - fl.fl4_dst = eiph->daddr; 508 - fl.fl4_src = eiph->saddr; 509 - fl.fl4_tos = eiph->tos; 510 - if (ip_route_output_key(dev_net(skb->dev), &rt, &fl) || 511 - rt->u.dst.dev->type != ARPHRD_IPGRE) { 512 - ip_rt_put(rt); 513 - kfree_skb(skb2); 514 - return; 515 - } 516 - } else { 517 - ip_rt_put(rt); 518 - if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 519 - skb2->dst->dev->type != ARPHRD_IPGRE) { 520 - kfree_skb(skb2); 521 - return; 522 - } 523 - } 524 - 525 - /* change mtu on this route */ 526 - if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 527 - if (n > dst_mtu(skb2->dst)) { 528 - kfree_skb(skb2); 529 - return; 530 - } 531 - skb2->dst->ops->update_pmtu(skb2->dst, n); 532 - } else if (type == ICMP_TIME_EXCEEDED) { 533 - struct ip_tunnel *t = netdev_priv(skb2->dev); 534 - if (t->parms.iph.ttl) { 535 - rel_type = ICMP_DEST_UNREACH; 536 - rel_code = ICMP_HOST_UNREACH; 537 - } 538 - } 539 - 540 - icmp_send(skb2, rel_type, rel_code, rel_info); 541 - kfree_skb(skb2); 542 - #endif 543 } 544 545 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)

··· 313 314 static void ipgre_err(struct sk_buff *skb, u32 info) 315 { 316 317 + /* All the routers (except for Linux) return only 318 8 bytes of packet payload. It means, that precise relaying of 319 ICMP in the real Internet is absolutely infeasible. 320 ··· 398 out: 399 read_unlock(&ipgre_lock); 400 return; 401 } 402 403 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)

+1 -129

net/ipv4/ipip.c

··· 278 279 static int ipip_err(struct sk_buff *skb, u32 info) 280 { 281 - #ifndef I_WISH_WORLD_WERE_PERFECT 282 283 - /* It is not :-( All the routers (except for Linux) return only 284 8 bytes of packet payload. It means, that precise relaying of 285 ICMP in the real Internet is absolutely infeasible. 286 */ ··· 336 out: 337 read_unlock(&ipip_lock); 338 return err; 339 - #else 340 - struct iphdr *iph = (struct iphdr*)dp; 341 - int hlen = iph->ihl<<2; 342 - struct iphdr *eiph; 343 - const int type = icmp_hdr(skb)->type; 344 - const int code = icmp_hdr(skb)->code; 345 - int rel_type = 0; 346 - int rel_code = 0; 347 - __be32 rel_info = 0; 348 - __u32 n = 0; 349 - struct sk_buff *skb2; 350 - struct flowi fl; 351 - struct rtable *rt; 352 - 353 - if (len < hlen + sizeof(struct iphdr)) 354 - return 0; 355 - eiph = (struct iphdr*)(dp + hlen); 356 - 357 - switch (type) { 358 - default: 359 - return 0; 360 - case ICMP_PARAMETERPROB: 361 - n = ntohl(icmp_hdr(skb)->un.gateway) >> 24; 362 - if (n < hlen) 363 - return 0; 364 - 365 - /* So... This guy found something strange INSIDE encapsulated 366 - packet. Well, he is fool, but what can we do ? 367 - */ 368 - rel_type = ICMP_PARAMETERPROB; 369 - rel_info = htonl((n - hlen) << 24); 370 - break; 371 - 372 - case ICMP_DEST_UNREACH: 373 - switch (code) { 374 - case ICMP_SR_FAILED: 375 - case ICMP_PORT_UNREACH: 376 - /* Impossible event. */ 377 - return 0; 378 - case ICMP_FRAG_NEEDED: 379 - /* And it is the only really necessary thing :-) */ 380 - n = ntohs(icmp_hdr(skb)->un.frag.mtu); 381 - if (n < hlen+68) 382 - return 0; 383 - n -= hlen; 384 - /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 385 - if (n > ntohs(eiph->tot_len)) 386 - return 0; 387 - rel_info = htonl(n); 388 - break; 389 - default: 390 - /* All others are translated to HOST_UNREACH. 391 - rfc2003 contains "deep thoughts" about NET_UNREACH, 392 - I believe, it is just ether pollution. --ANK 393 - */ 394 - rel_type = ICMP_DEST_UNREACH; 395 - rel_code = ICMP_HOST_UNREACH; 396 - break; 397 - } 398 - break; 399 - case ICMP_TIME_EXCEEDED: 400 - if (code != ICMP_EXC_TTL) 401 - return 0; 402 - break; 403 - } 404 - 405 - /* Prepare fake skb to feed it to icmp_send */ 406 - skb2 = skb_clone(skb, GFP_ATOMIC); 407 - if (skb2 == NULL) 408 - return 0; 409 - dst_release(skb2->dst); 410 - skb2->dst = NULL; 411 - skb_pull(skb2, skb->data - (u8*)eiph); 412 - skb_reset_network_header(skb2); 413 - 414 - /* Try to guess incoming interface */ 415 - memset(&fl, 0, sizeof(fl)); 416 - fl.fl4_daddr = eiph->saddr; 417 - fl.fl4_tos = RT_TOS(eiph->tos); 418 - fl.proto = IPPROTO_IPIP; 419 - if (ip_route_output_key(dev_net(skb->dev), &rt, &key)) { 420 - kfree_skb(skb2); 421 - return 0; 422 - } 423 - skb2->dev = rt->u.dst.dev; 424 - 425 - /* route "incoming" packet */ 426 - if (rt->rt_flags&RTCF_LOCAL) { 427 - ip_rt_put(rt); 428 - rt = NULL; 429 - fl.fl4_daddr = eiph->daddr; 430 - fl.fl4_src = eiph->saddr; 431 - fl.fl4_tos = eiph->tos; 432 - if (ip_route_output_key(dev_net(skb->dev), &rt, &fl) || 433 - rt->u.dst.dev->type != ARPHRD_TUNNEL) { 434 - ip_rt_put(rt); 435 - kfree_skb(skb2); 436 - return 0; 437 - } 438 - } else { 439 - ip_rt_put(rt); 440 - if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 441 - skb2->dst->dev->type != ARPHRD_TUNNEL) { 442 - kfree_skb(skb2); 443 - return 0; 444 - } 445 - } 446 - 447 - /* change mtu on this route */ 448 - if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 449 - if (n > dst_mtu(skb2->dst)) { 450 - kfree_skb(skb2); 451 - return 0; 452 - } 453 - skb2->dst->ops->update_pmtu(skb2->dst, n); 454 - } else if (type == ICMP_TIME_EXCEEDED) { 455 - struct ip_tunnel *t = netdev_priv(skb2->dev); 456 - if (t->parms.iph.ttl) { 457 - rel_type = ICMP_DEST_UNREACH; 458 - rel_code = ICMP_HOST_UNREACH; 459 - } 460 - } 461 - 462 - icmp_send(skb2, rel_type, rel_code, rel_info); 463 - kfree_skb(skb2); 464 - return 0; 465 - #endif 466 } 467 468 static inline void ipip_ecn_decapsulate(const struct iphdr *outer_iph,

··· 278 279 static int ipip_err(struct sk_buff *skb, u32 info) 280 { 281 282 + /* All the routers (except for Linux) return only 283 8 bytes of packet payload. It means, that precise relaying of 284 ICMP in the real Internet is absolutely infeasible. 285 */ ··· 337 out: 338 read_unlock(&ipip_lock); 339 return err; 340 } 341 342 static inline void ipip_ecn_decapsulate(const struct iphdr *outer_iph,

+1 -88

net/ipv6/sit.c

··· 403 404 static int ipip6_err(struct sk_buff *skb, u32 info) 405 { 406 - #ifndef I_WISH_WORLD_WERE_PERFECT 407 408 - /* It is not :-( All the routers (except for Linux) return only 409 8 bytes of packet payload. It means, that precise relaying of 410 ICMP in the real Internet is absolutely infeasible. 411 */ ··· 461 out: 462 read_unlock(&ipip6_lock); 463 return err; 464 - #else 465 - struct iphdr *iph = (struct iphdr*)dp; 466 - int hlen = iph->ihl<<2; 467 - struct ipv6hdr *iph6; 468 - const int type = icmp_hdr(skb)->type; 469 - const int code = icmp_hdr(skb)->code; 470 - int rel_type = 0; 471 - int rel_code = 0; 472 - int rel_info = 0; 473 - struct sk_buff *skb2; 474 - struct rt6_info *rt6i; 475 - 476 - if (len < hlen + sizeof(struct ipv6hdr)) 477 - return; 478 - iph6 = (struct ipv6hdr*)(dp + hlen); 479 - 480 - switch (type) { 481 - default: 482 - return; 483 - case ICMP_PARAMETERPROB: 484 - if (icmp_hdr(skb)->un.gateway < hlen) 485 - return; 486 - 487 - /* So... This guy found something strange INSIDE encapsulated 488 - packet. Well, he is fool, but what can we do ? 489 - */ 490 - rel_type = ICMPV6_PARAMPROB; 491 - rel_info = icmp_hdr(skb)->un.gateway - hlen; 492 - break; 493 - 494 - case ICMP_DEST_UNREACH: 495 - switch (code) { 496 - case ICMP_SR_FAILED: 497 - case ICMP_PORT_UNREACH: 498 - /* Impossible event. */ 499 - return; 500 - case ICMP_FRAG_NEEDED: 501 - /* Too complicated case ... */ 502 - return; 503 - default: 504 - /* All others are translated to HOST_UNREACH. 505 - rfc2003 contains "deep thoughts" about NET_UNREACH, 506 - I believe, it is just ether pollution. --ANK 507 - */ 508 - rel_type = ICMPV6_DEST_UNREACH; 509 - rel_code = ICMPV6_ADDR_UNREACH; 510 - break; 511 - } 512 - break; 513 - case ICMP_TIME_EXCEEDED: 514 - if (code != ICMP_EXC_TTL) 515 - return; 516 - rel_type = ICMPV6_TIME_EXCEED; 517 - rel_code = ICMPV6_EXC_HOPLIMIT; 518 - break; 519 - } 520 - 521 - /* Prepare fake skb to feed it to icmpv6_send */ 522 - skb2 = skb_clone(skb, GFP_ATOMIC); 523 - if (skb2 == NULL) 524 - return 0; 525 - dst_release(skb2->dst); 526 - skb2->dst = NULL; 527 - skb_pull(skb2, skb->data - (u8*)iph6); 528 - skb_reset_network_header(skb2); 529 - 530 - /* Try to guess incoming interface */ 531 - rt6i = rt6_lookup(dev_net(skb->dev), &iph6->saddr, NULL, NULL, 0); 532 - if (rt6i && rt6i->rt6i_dev) { 533 - skb2->dev = rt6i->rt6i_dev; 534 - 535 - rt6i = rt6_lookup(dev_net(skb->dev), 536 - &iph6->daddr, &iph6->saddr, NULL, 0); 537 - 538 - if (rt6i && rt6i->rt6i_dev && rt6i->rt6i_dev->type == ARPHRD_SIT) { 539 - struct ip_tunnel *t = netdev_priv(rt6i->rt6i_dev); 540 - if (rel_type == ICMPV6_TIME_EXCEED && t->parms.iph.ttl) { 541 - rel_type = ICMPV6_DEST_UNREACH; 542 - rel_code = ICMPV6_ADDR_UNREACH; 543 - } 544 - icmpv6_send(skb2, rel_type, rel_code, rel_info, skb2->dev); 545 - } 546 - } 547 - kfree_skb(skb2); 548 - return 0; 549 - #endif 550 } 551 552 static inline void ipip6_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)

··· 403 404 static int ipip6_err(struct sk_buff *skb, u32 info) 405 { 406 407 + /* All the routers (except for Linux) return only 408 8 bytes of packet payload. It means, that precise relaying of 409 ICMP in the real Internet is absolutely infeasible. 410 */ ··· 462 out: 463 read_unlock(&ipip6_lock); 464 return err; 465 } 466 467 static inline void ipip6_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)