| From foo@baz Thu 06 Feb 2020 06:56:59 AM GMT |
| From: Ridge Kennedy <ridge.kennedy@alliedtelesis.co.nz> |
| Date: Tue, 4 Feb 2020 12:24:00 +1300 |
| Subject: l2tp: Allow duplicate session creation with UDP |
| |
| From: Ridge Kennedy <ridge.kennedy@alliedtelesis.co.nz> |
| |
| [ Upstream commit 0d0d9a388a858e271bb70e71e99e7fe2a6fd6f64 ] |
| |
| In the past it was possible to create multiple L2TPv3 sessions with the |
| same session id as long as the sessions belonged to different tunnels. |
| The resulting sessions had issues when used with IP encapsulated tunnels, |
| but worked fine with UDP encapsulated ones. Some applications began to |
| rely on this behaviour to avoid having to negotiate unique session ids. |
| |
| Some time ago a change was made to require session ids to be unique across |
| all tunnels, breaking the applications making use of this "feature". |
| |
| This change relaxes the duplicate session id check to allow duplicates |
| if both of the colliding sessions belong to UDP encapsulated tunnels. |
| |
| Fixes: dbdbc73b4478 ("l2tp: fix duplicate session creation") |
| Signed-off-by: Ridge Kennedy <ridge.kennedy@alliedtelesis.co.nz> |
| Acked-by: James Chapman <jchapman@katalix.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/l2tp/l2tp_core.c | 7 ++++++- |
| 1 file changed, 6 insertions(+), 1 deletion(-) |
| |
| --- a/net/l2tp/l2tp_core.c |
| +++ b/net/l2tp/l2tp_core.c |
| @@ -325,8 +325,13 @@ int l2tp_session_register(struct l2tp_se |
| |
| spin_lock_bh(&pn->l2tp_session_hlist_lock); |
| |
| + /* IP encap expects session IDs to be globally unique, while |
| + * UDP encap doesn't. |
| + */ |
| hlist_for_each_entry(session_walk, g_head, global_hlist) |
| - if (session_walk->session_id == session->session_id) { |
| + if (session_walk->session_id == session->session_id && |
| + (session_walk->tunnel->encap == L2TP_ENCAPTYPE_IP || |
| + tunnel->encap == L2TP_ENCAPTYPE_IP)) { |
| err = -EEXIST; |
| goto err_tlock_pnlock; |
| } |