Message ID | 1372747774-28570-1-git-send-email-amwang@redhat.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
From: Cong Wang <amwang@redhat.com> Date: Tue, 2 Jul 2013 14:49:34 +0800 > From: Cong Wang <amwang@redhat.com> > > This is a regression introduced by > commit fd58156e456d9f68fe0448 (IPIP: Use ip-tunneling code.) > > Similar to GRE tunnel, previously we only check the parameters > for SIOCADDTUNNEL and SIOCCHGTUNNEL, after that commit, the > check is moved for all commands. > > So, just check for SIOCADDTUNNEL and SIOCCHGTUNNEL. > > Also, the check for i_key, o_key etc. is suspicious too, > which did not exist before, reset them before passing > to ip_tunnel_ioctl(). > > Cc: Pravin B Shelar <pshelar@nicira.com> > Cc: "David S. Miller" <davem@davemloft.net> > Signed-off-by: Cong Wang <amwang@redhat.com> Applied and queued up for -stable, thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index 77bfcce..7cfc456 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -240,11 +240,13 @@ ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) return -EFAULT; - if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || - p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) - return -EINVAL; - if (p.i_key || p.o_key || p.i_flags || p.o_flags) - return -EINVAL; + if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) { + if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || + p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) + return -EINVAL; + } + + p.i_key = p.o_key = p.i_flags = p.o_flags = 0; if (p.iph.ttl) p.iph.frag_off |= htons(IP_DF);