From: Jiri Benc <jbenc@redhat.com>
To: netdev@vger.kernel.org
Cc: Thomas Graf <tgraf@suug.ch>, Pravin Shelar <pshelar@nicira.com>
Subject: [PATCH v2 net-next 0/4] tunnels: fix incorrect IPv4/v6 headers interpretation
Date: Fri, 28 Aug 2015 20:48:18 +0200 [thread overview]
Message-ID: <cover.1440787600.git.jbenc@redhat.com> (raw)
With tunneling, it is currently possible to get an IPv6 header and interpret
it as an IPv4 header, or to interpret an IPv6 address as an IPv4 address
(and vice versa). This leads to things like sending packets to incorrect
address, IPv6 flow label being interpreted as IP packet length, etc.
Fix several places where this can happen.
Most of this is net-next only. The third patch affects net, too, but it
doesn't seem there's anything in user space that sets the attribute at all
currently, thus net-next is fine.
Changelog:
v2: fixed geneve after incorrect rebase on top of Pravin's patches
Jiri Benc (4):
ip_tunnels: convert the mode field of ip_tunnel_info to flags
ip_tunnels: record IP version in tunnel info
fou: reject IPv6 config
vxlan: do not receive IPv4 packets on IPv6 socket
drivers/net/geneve.c | 4 +++-
drivers/net/vxlan.c | 5 ++++-
include/net/dst_metadata.h | 2 +-
include/net/ip_tunnels.h | 19 ++++++++++++-------
include/net/udp_tunnel.h | 3 ++-
net/core/filter.c | 2 ++
net/ipv4/fou.c | 2 +-
net/ipv4/ip_gre.c | 3 ++-
net/ipv4/ip_tunnel_core.c | 2 +-
net/ipv4/route.c | 2 +-
net/ipv6/ip6_udp_tunnel.c | 9 +++++++++
net/ipv6/route.c | 2 +-
net/openvswitch/flow.c | 2 ++
net/openvswitch/vport.c | 2 ++
14 files changed, 43 insertions(+), 16 deletions(-)
--
1.8.3.1
next reply other threads:[~2015-08-28 18:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-28 18:48 Jiri Benc [this message]
2015-08-28 18:48 ` [PATCH v2 net-next 1/4] ip_tunnels: convert the mode field of ip_tunnel_info to flags Jiri Benc
2015-08-28 22:15 ` Thomas Graf
2015-08-28 22:55 ` Pravin Shelar
2015-08-28 18:48 ` [PATCH v2 net-next 2/4] ip_tunnels: record IP version in tunnel info Jiri Benc
2015-08-28 22:24 ` Thomas Graf
2015-08-29 8:43 ` Jiri Benc
2015-08-28 22:55 ` Pravin Shelar
2015-08-28 18:48 ` [PATCH v2 net-next 3/4] fou: reject IPv6 config Jiri Benc
2015-08-28 18:48 ` [PATCH v2 net-next 4/4] vxlan: do not receive IPv4 packets on IPv6 socket Jiri Benc
2015-08-28 22:39 ` Thomas Graf
2015-08-29 8:55 ` Jiri Benc
2015-08-30 9:30 ` Thomas Graf
2015-08-29 20:08 ` [PATCH v2 net-next 0/4] tunnels: fix incorrect IPv4/v6 headers interpretation David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1440787600.git.jbenc@redhat.com \
--to=jbenc@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pshelar@nicira.com \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).