diff options
| author | David S. Miller <davem@davemloft.net> | 2015-08-29 23:07:55 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2015-08-29 23:07:55 +0300 |
| commit | 6d74232410a9f3ed0e1fc0f5e538598f21e93982 (patch) | |
| tree | 388c9e94c26bdd40875562a58b84a54213ca7ac7 /net/openvswitch/flow.c | |
| parent | f6d3c19274c74ff17174df8078e0a14df003667f (diff) | |
| parent | a43a9ef6a2e510fec61176ff2c34fab3e7d581da (diff) | |
| download | linux-6d74232410a9f3ed0e1fc0f5e538598f21e93982.tar.xz | |
Merge branch 'tnl-ipv4-ipv6'
Jiri Benc says:
====================
tunnels: fix incorrect IPv4/v6 headers interpretation
With tunneling, it is currently possible to get an IPv6 header and interpret
it as an IPv4 header, or to interpret an IPv6 address as an IPv4 address
(and vice versa). This leads to things like sending packets to incorrect
address, IPv6 flow label being interpreted as IP packet length, etc.
Fix several places where this can happen.
Most of this is net-next only. The third patch affects net, too, but it
doesn't seem there's anything in user space that sets the attribute at all
currently, thus net-next is fine.
Changelog:
v2: fixed geneve after incorrect rebase on top of Pravin's patches
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/openvswitch/flow.c')
| -rw-r--r-- | net/openvswitch/flow.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index 5a3195e538ce..9760dc43bdb9 100644 --- a/net/openvswitch/flow.c +++ b/net/openvswitch/flow.c @@ -688,6 +688,8 @@ int ovs_flow_key_extract(const struct ip_tunnel_info *tun_info, { /* Extract metadata from packet. */ if (tun_info) { + if (ip_tunnel_info_af(tun_info) != AF_INET) + return -EINVAL; memcpy(&key->tun_key, &tun_info->key, sizeof(key->tun_key)); if (tun_info->options) { |