| From 675b9402488074d7081811cb67055fb1e1f515b3 Mon Sep 17 00:00:00 2001 |
| From: Cong Wang <amwang@redhat.com> |
| Date: Tue, 2 Jul 2013 14:49:34 +0800 |
| Subject: ipip: fix a regression in ioctl |
| |
| From: Cong Wang <amwang@redhat.com> |
| |
| [ Upstream commit 3b7b514f44bff05d26a6499c4d4fac2a83938e6e ] |
| |
| This is a regression introduced by |
| commit fd58156e456d9f68fe0448 (IPIP: Use ip-tunneling code.) |
| |
| Similar to GRE tunnel, previously we only check the parameters |
| for SIOCADDTUNNEL and SIOCCHGTUNNEL, after that commit, the |
| check is moved for all commands. |
| |
| So, just check for SIOCADDTUNNEL and SIOCCHGTUNNEL. |
| |
| Also, the check for i_key, o_key etc. is suspicious too, |
| which did not exist before, reset them before passing |
| to ip_tunnel_ioctl(). |
| |
| Signed-off-by: Cong Wang <amwang@redhat.com> |
| Cc: Pravin B Shelar <pshelar@nicira.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv4/ipip.c | 12 +++++++----- |
| 1 file changed, 7 insertions(+), 5 deletions(-) |
| |
| --- a/net/ipv4/ipip.c |
| +++ b/net/ipv4/ipip.c |
| @@ -240,11 +240,13 @@ ipip_tunnel_ioctl(struct net_device *dev |
| if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) |
| return -EFAULT; |
| |
| - if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || |
| - p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) |
| - return -EINVAL; |
| - if (p.i_key || p.o_key || p.i_flags || p.o_flags) |
| - return -EINVAL; |
| + if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) { |
| + if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || |
| + p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) |
| + return -EINVAL; |
| + } |
| + |
| + p.i_key = p.o_key = p.i_flags = p.o_flags = 0; |
| if (p.iph.ttl) |
| p.iph.frag_off |= htons(IP_DF); |
| |
