summaryrefslogtreecommitdiff
path: root/net/ipv4
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-04-09 22:47:58 +0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-04-26 09:28:39 +0400
commitac758e3c55c529714354fc268892ca4d23ca1e99 (patch)
tree05d287a417c04114afa68c2a931f3c212e133e1c /net/ipv4
parentc5c2523893747f88a83376abad310c8ad13f7197 (diff)
downloadlinux-ac758e3c55c529714354fc268892ca4d23ca1e99.tar.xz
[XFRM]: beet: fix worst case header_len calculation
esp_init_state doesn't account for the beet pseudo header in the header_len calculation, which may result in undersized skbs hitting xfrm4_beet_output, causing unnecessary reallocations in ip_finish_output2. The skbs should still always have enough room to avoid causing skb_under_panic in skb_push since we have at least 16 bytes available from LL_RESERVED_SPACE in xfrm_state_check_space. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/esp4.c3
-rw-r--r--net/ipv4/xfrm4_mode_beet.c2
2 files changed, 3 insertions, 2 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index a315d5d22764..47c95e8ef045 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -294,7 +294,6 @@ static u32 esp4_get_mtu(struct xfrm_state *x, int mtu)
break;
case XFRM_MODE_BEET:
/* The worst case. */
- mtu -= IPV4_BEET_PHMAXLEN;
mtu += min_t(u32, IPV4_BEET_PHMAXLEN, rem);
break;
}
@@ -409,6 +408,8 @@ static int esp_init_state(struct xfrm_state *x)
x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen;
if (x->props.mode == XFRM_MODE_TUNNEL)
x->props.header_len += sizeof(struct iphdr);
+ else if (x->props.mode == XFRM_MODE_BEET)
+ x->props.header_len += IPV4_BEET_PHMAXLEN;
if (x->encap) {
struct xfrm_encap_tmpl *encap = x->encap;
diff --git a/net/ipv4/xfrm4_mode_beet.c b/net/ipv4/xfrm4_mode_beet.c
index 0f7c3e30e4e6..a73e710740c2 100644
--- a/net/ipv4/xfrm4_mode_beet.c
+++ b/net/ipv4/xfrm4_mode_beet.c
@@ -40,7 +40,7 @@ static int xfrm4_beet_output(struct xfrm_state *x, struct sk_buff *skb)
if (unlikely(optlen))
hdrlen += IPV4_BEET_PHMAXLEN - (optlen & 4);
- skb_push(skb, x->props.header_len + hdrlen);
+ skb_push(skb, x->props.header_len - IPV4_BEET_PHMAXLEN + hdrlen);
skb_reset_network_header(skb);
top_iph = ip_hdr(skb);
skb->transport_header += sizeof(*iph) - hdrlen;