* [PATCH 02/16] ipv4: Deliver ICMP redirects to sockets too.
From: David Miller @ 2012-07-12 8:10 UTC (permalink / raw)
To: netdev
And thus, we can remove the ping_err() hack.
Signed-off-by: David S. Miller <davem@davemloft.net>
---
net/ipv4/icmp.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 18e39d1..5885146 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -782,13 +782,7 @@ static void icmp_redirect(struct sk_buff *skb)
break;
}
- /* Ping wants to see redirects.
- * Let's pretend they are errors of sorts... */
- if (iph->protocol == IPPROTO_ICMP &&
- iph->ihl >= 5 &&
- pskb_may_pull(skb, (iph->ihl<<2)+8)) {
- ping_err(skb, icmp_hdr(skb)->un.gateway);
- }
+ icmp_socket_deliver(skb, icmp_hdr(skb)->un.gateway);
out:
return;
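Review bot: the single added line calls icmp_socket_deliver() with none of the guards the removed block applied first, `iph->ihl >= 5` and `pskb_may_pull(skb, (iph->ihl<<2)+8)`. Unless icmp_socket_deliver() or every handler it reaches performs an equivalent pull, a short redirect can reach code that reads past the inner IP header. Suggest keeping the pskb_may_pull() test at this call site or moving it into icmp_socket_deliver() as part of this same patch.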
--
1.7.10.4
* Re: [PATCH 02/16] ipv4: Deliver ICMP redirects to sockets too.
From: Hiroaki SHIMODA @ 2012-07-12 14:58 UTC (permalink / raw)
To: David Miller; +Cc: netdev
On Thu, 12 Jul 2012 01:10:49 -0700 (PDT)
David Miller <davem@davemloft.net> wrote:
>
> And thus, we can remove the ping_err() hack.
>
> Signed-off-by: David S. Miller <davem@davemloft.net>
> ---
> net/ipv4/icmp.c | 8 +-------
> 1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
> index 18e39d1..5885146 100644
> --- a/net/ipv4/icmp.c
> +++ b/net/ipv4/icmp.c
> @@ -782,13 +782,7 @@ static void icmp_redirect(struct sk_buff *skb)
> break;
> }
>
> - /* Ping wants to see redirects.
> - * Let's pretend they are errors of sorts... */
> - if (iph->protocol == IPPROTO_ICMP &&
> - iph->ihl >= 5 &&
> - pskb_may_pull(skb, (iph->ihl<<2)+8)) {
> - ping_err(skb, icmp_hdr(skb)->un.gateway);
> - }
> + icmp_socket_deliver(skb, icmp_hdr(skb)->un.gateway);
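Review bot: the removed condition `iph->protocol == IPPROTO_ICMP` limited redirect delivery to ping, and the replacement call drops that limit with no comment at the call site. A short comment above the icmp_socket_deliver() line, plus a sentence in the commit message beyond "we can remove the ping_err() hack", stating that redirects are now handed on for every inner protocol, would make the behaviour change easier to audit.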

icmp_redirect() just checks skb->len is larger than
sizeof(struct iphdr) and then ping_err() is called.
In ping_err(), *icmph is derived from the following code without
a sanity check of skb->len. So, I think the above deleted checks about
skb->len need to move to ping_err() in case packets are malformed.

	struct icmphdr *icmph = (struct icmphdr *)(skb->data+(iph->ihl<<2));
* Re: [PATCH 02/16] ipv4: Deliver ICMP redirects to sockets too.
From: David Miller @ 2012-07-12 15:06 UTC (permalink / raw)
To: shimoda.hiroaki; +Cc: netdev
From: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Date: Thu, 12 Jul 2012 23:58:37 +0900
> So, I think above deleted checks about skb->len need to move to
> ping_err() in case of packets are malformed.
You would be wrong, the check belongs in icmp_socket_deliver().
====================
From f0a70e902f483295a8b6d74ef4393bc577b703d7 Mon Sep 17 00:00:00 2001
From: "David S. Miller" <davem@davemloft.net>
Date: Thu, 12 Jul 2012 08:06:04 -0700
Subject: [PATCH] ipv4: Put proper checks into icmp_socket_deliver().
All handler->err() routines expect that we've done a pskb_may_pull()
test to make sure that IP header length + 8 bytes can be safely
pulled.
Reported-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
net/ipv4/icmp.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index d01aeb4..ea3a996 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -640,6 +640,12 @@ static void icmp_socket_deliver(struct sk_buff *skb, u32 info)
const struct net_protocol *ipprot;
int protocol = iph->protocol;
+ /* Checkin full IP header plus 8 bytes of protocol to
+ * avoid additional coding at protocol handlers.
+ */
+ if (!pskb_may_pull(skb, iph->ihl * 4 + 8))
+ return;
+
raw_icmp_error(skb, protocol, info);
rcu_read_lock();
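Review bot: the new guard at the top of icmp_socket_deliver() tests only length, `iph->ihl * 4 + 8`, while the ping_err() block removed earlier in this thread also required `iph->ihl >= 5`; either confirm that every caller rejects a smaller ihl or add that test here. Since pskb_may_pull() can reallocate the header area, `iph` should not be dereferenced after the pull without being reloaded (the visible lines copy `protocol` out beforehand, which is fine). The moved comment's "Checkin" could become "Checking" while it is being touched.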
@@ -733,12 +739,6 @@ static void icmp_unreach(struct sk_buff *skb)
goto out;
}
- /* Checkin full IP header plus 8 bytes of protocol to
- * avoid additional coding at protocol handlers.
- */
- if (!pskb_may_pull(skb, iph->ihl * 4 + 8))
- goto out;
-
icmp_socket_deliver(skb, info);
out:
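Review bot: with the check deleted from icmp_unreach(), a failed pull now returns silently inside icmp_socket_deliver() instead of taking `goto out` here, so this caller depends on a guard it can no longer see. A one-line comment above the `icmp_socket_deliver(skb, info);` call saying that the callee pulls the IP header plus 8 bytes would keep that dependency visible, and the commit message could name the redirect path as the caller this change protects.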
--
1.7.10.4
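
The placement argued for in this message (validate once at the dispatch point so the per-protocol handlers need no length checks of their own), as an added user-space example that is not part of the thread or of the kernel source. All function names and both sample packets are hypothetical and constructed for illustration; the `ihl < 5` floor mirrors the guard in the removed ping_err() block.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model; names here are hypothetical, not kernel APIs. */
typedef int (*err_fn)(const uint8_t *l4);

/* Handlers read inside the first 8 transport bytes without re-checking
 * length, relying on the dispatcher having validated it. */
static int udp_err(const uint8_t *l4)  { return (l4[2] << 8) | l4[3]; } /* dst port */
static int icmp_err(const uint8_t *l4) { return (l4[4] << 8) | l4[5]; } /* echo id */

/* Single dispatch point: validate once, then call the handler.
 * Returns the handler's value, or -1 when the quoted packet is dropped. */
int deliver_icmp_error(const uint8_t *data, size_t len)
{
	size_t ihl;
	err_fn fn;

	if (len < 20)                 /* need a minimal IPv4 header to read ihl */
		return -1;
	ihl = data[0] & 0x0f;
	if (ihl < 5)                  /* same floor as the removed ping_err() guard */
		return -1;
	if (len < ihl * 4 + 8)        /* header incl. options + 8 transport bytes */
		return -1;
	switch (data[9]) {            /* inner protocol field */
	case 17: fn = udp_err;  break;
	case 1:  fn = icmp_err; break;
	default: return -1;
	}
	return fn(data + ihl * 4);
}

/* Constructed sample: 20-byte header + 8 UDP bytes (dst port 53). */
static const uint8_t sample_ok[28] = {
	0x45, 0, 0, 28, 0, 0, 0, 0, 64, 17, 0, 0, 192, 0, 2, 1, 192, 0, 2, 2,
	0x30, 0x39, 0x00, 0x35, 0, 8, 0, 0 };
/* Same bytes but ihl=6: header claims 24 bytes, so 32 are required. */
static const uint8_t sample_opts[28] = {
	0x46, 0, 0, 28, 0, 0, 0, 0, 64, 17, 0, 0, 192, 0, 2, 1, 192, 0, 2, 2,
	0x30, 0x39, 0x00, 0x35, 0, 8, 0, 0 };

int main(void)
{
	printf("ok=%d short=%d opts=%d\n",
	       deliver_icmp_error(sample_ok, sizeof(sample_ok)),
	       deliver_icmp_error(sample_ok, 27),
	       deliver_icmp_error(sample_opts, sizeof(sample_opts)));
	return 0;
}
```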
* Re: [PATCH 02/16] ipv4: Deliver ICMP redirects to sockets too.
From: Hiroaki SHIMODA @ 2012-07-12 15:21 UTC (permalink / raw)
To: David Miller; +Cc: netdev
On Thu, 12 Jul 2012 08:06:53 -0700 (PDT)
David Miller <davem@davemloft.net> wrote:
> From: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
> Date: Thu, 12 Jul 2012 23:58:37 +0900
>
> > So, I think above deleted checks about skb->len need to move to
> > ping_err() in case of packets are malformed.
>
> You would be wrong, the check belongs in icmp_socket_deliver().
Ah, OK. Thanks ;)