diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-12-27 15:11:02 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-01-07 10:04:19 +0000 |
commit | 578ad299bcc3098d466e108e0a8ebf13bf70f8cf (patch) | |
tree | 3c2660070238ce9b241daba500511fc896570b50 | |
parent | 45d083c6867c2777f0929d51066a8b308225ada6 (diff) | |
download | aports-578ad299bcc3098d466e108e0a8ebf13bf70f8cf.tar.bz2 aports-578ad299bcc3098d466e108e0a8ebf13bf70f8cf.tar.xz |
main/linux-grsec: backport ip gre fix
from http://www.spinics.net/lists/netdev/msg261705.html
ref #2530
-rw-r--r-- | main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch | 60 | ||||
-rw-r--r-- | main/linux-grsec/APKBUILD | 6 |
2 files changed, 65 insertions, 1 deletions
diff --git a/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch b/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch new file mode 100644 index 0000000000..ca86acacf9 --- /dev/null +++ b/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch @@ -0,0 +1,60 @@ +From 08dd44d9ba398ecd23975603aa05ab9b8a9a8f94 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Mon, 16 Dec 2013 11:02:09 +0200 +Subject: [PATCH] ip_gre: fix msg_name parsing for recvfrom/recvmsg +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +ipgre_header_parse() needs to parse the tunnel's ip header and it +uses mac_header to locate the iphdr. This got broken when gre tunneling +was refactored as mac_header is no longer updated to point to iphdr. +Introduce skb_pop_mac_header() helper to do the mac_header assignment +and use it in ipgre_rcv() to fix msg_name parsing. + +Bug introduced in commit c54419321455 (GRE: Refactor GRE tunneling code.) + +Cc: Pravin B Shelar <pshelar@nicira.com> +Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: David S. Miller <davem@davemloft.net> + +Conflicts: + include/linux/skbuff.h + net/ipv4/ip_gre.c +--- + include/linux/skbuff.h | 5 +++++ + net/ipv4/ip_gre.c | 1 + + 2 files changed, 6 insertions(+) + +diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h +index c42c51d..d3500f8 100644 +--- a/include/linux/skbuff.h ++++ b/include/linux/skbuff.h +@@ -1519,6 +1519,11 @@ static inline void skb_reset_inner_headers(struct sk_buff *skb) + skb->inner_transport_header = skb->transport_header; + } + ++static inline void skb_pop_mac_header(struct sk_buff *skb) ++{ ++ skb->mac_header = skb->network_header; ++} ++ + static inline void skb_reset_mac_len(struct sk_buff *skb) + { + skb->mac_len = skb->network_header - skb->mac_header; +diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c +index db77052..79f1e8d 100644 +--- a/net/ipv4/ip_gre.c ++++ b/net/ipv4/ip_gre.c +@@ -335,6 +335,7 @@ static int ipgre_rcv(struct sk_buff *skb) + iph->saddr, iph->daddr, tpi.key); + + if (tunnel) { ++ skb_pop_mac_header(skb); + ip_tunnel_rcv(tunnel, skb, &tpi, hdr_len, log_ecn_error); + return 0; + } +-- +1.8.5.2 + + diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 8c5006016f..aa56d40670 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -7,7 +7,7 @@ case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; esac -pkgrel=1 +pkgrel=2 pkgdesc="Linux kernel with grsecurity" url=http://grsecurity.net depends="mkinitfs linux-firmware" @@ -26,6 +26,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch + 0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch fix-memory-map-for-PIE-applications.patch kernelconfig.x86 @@ -160,6 +161,7 @@ aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-p 6ce5fed63aad3f1a1ff1b9ba7b741822 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch 1a5800a2122ba0cc0d06733cb3bb8b8f 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch ae36fdf685dd97f51bce3a5124f7dff6 net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch +c5f660933430a03f3346c66fbfb26100 0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch 866e6c4daed45d563829804f8ad50ed9 kernelconfig.x86 272aaddd0a19a5052208bc25551995a3 kernelconfig.x86_64" @@ -173,6 +175,7 @@ dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush ae32bb72afa170e6c3788c564b342763aba5945afacc1e2ebfc096adf50d77a3 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch b130be723743442140637b74da6065061aabb0a0ce6ce6f5cf784f6e5776ae14 net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch +dcdef241ddd315c6c8296f122fc94f77792fde0304aff07f72afe11333b7ebfb 0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch 7fd28634998ef1fddafed5f2516e902924245d2464b9e86476bfaa55ccfc3bc3 kernelconfig.x86 f2843ae4f9b3e3c27f3138ce4b740c2803bdab0c7a910c662d951843803b9554 kernelconfig.x86_64" @@ -186,6 +189,7 @@ d2f578ad1d6e1fe52b55863e5bf338ae8201b828a498ec3e42e549c55295d3d1c6c3adfa9e226d71 28a33e644bf2faf99c8dd6dbccfe14e140dfdd8824a8fb2d58aa7deb9e572f130d92b6b35ee181084050d82166bdf2e498a451a2a538a67b7ab84204405d2d87 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch 249140374c19a5599876268ff5b3cda2e136681aee103b4a9fff5d7d346f8e3295a907fb43db0701b8a9fece64c299ad2abac0434259cce6631307ce84090205 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch 100fddcb0311d01bed68831287805921afd6a788a81ac6aa1c71823eb10b83c906bc38b0607fdbe71515aef43e628a9863b3fd53953698fe91326c70918c9bd9 net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch +ccb0695d96521d27e318a9936037a9cf9705dade1feeed271b65f0199653e8817c1696fcc1c2c83a9328ca23354213e1bed513212056e636d780a49fa7791d82 0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch 1721542ff111c8ec550323dae6f6174131db180668cbf14f01dc4c76ffbbb479715919a80c35d8c8ac22a6479dd3b42700be6ddc5ef2a8b6a62de811c7ae86df kernelconfig.x86 d49bf57bd0aae17d762d87d5bf983e48219d71ca44bc0c3120db94d357192c07146a8938cef9d435218e4bb748691ec426387545837be637d47e45cdc4482d71 kernelconfig.x86_64" |