diff options
Diffstat (limited to 'main/linux-grsec/0001-ip_tunnel-fix-ipv4-pmtu-check-to-honor-inner-ip-head.patch')
-rw-r--r-- | main/linux-grsec/0001-ip_tunnel-fix-ipv4-pmtu-check-to-honor-inner-ip-head.patch | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/main/linux-grsec/0001-ip_tunnel-fix-ipv4-pmtu-check-to-honor-inner-ip-head.patch b/main/linux-grsec/0001-ip_tunnel-fix-ipv4-pmtu-check-to-honor-inner-ip-head.patch deleted file mode 100644 index 5e6f493f52..0000000000 --- a/main/linux-grsec/0001-ip_tunnel-fix-ipv4-pmtu-check-to-honor-inner-ip-head.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 9c889e8df035c6eb7993963a7c80bfc75a61124d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> -Date: Mon, 6 Jul 2015 09:54:36 +0300 -Subject: [PATCH] ip_tunnel: fix ipv4 pmtu check to honor inner ip header df - -Frag needed should be sent only if the inner header asked -to not fragment. Currently fragmentation is broken if the -tunnel has df set. The tunnel's df needs to be still checked -to update internally the pmtu cache. - -This got broken in commit 23a3647bc4f93bac and this fixes -the pmtu check back to the way it was. - -Fixes: 23a3647bc4f93bac ("ip_tunnels: Use skb-len to PMTU check.") -Cc: Pravin B Shelar <pshelar@nicira.com> ---- - net/ipv4/ip_tunnel.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c -index 0bb8e14..6822572 100644 ---- a/net/ipv4/ip_tunnel.c -+++ b/net/ipv4/ip_tunnel.c -@@ -587,7 +587,8 @@ int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t, - EXPORT_SYMBOL(ip_tunnel_encap); - - static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb, -- struct rtable *rt, __be16 df) -+ struct rtable *rt, __be16 df, -+ const struct iphdr *inner_iph) - { - struct ip_tunnel *tunnel = netdev_priv(dev); - int pkt_size = skb->len - tunnel->hlen - dev->hard_header_len; -@@ -604,7 +605,8 @@ static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb, - - if (skb->protocol == htons(ETH_P_IP)) { - if (!skb_is_gso(skb) && -- (df & htons(IP_DF)) && mtu < pkt_size) { -+ (inner_iph->frag_off & htons(IP_DF)) && -+ mtu < pkt_size) { - memset(IPCB(skb), 0, sizeof(*IPCB(skb))); - icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); - return -E2BIG; -@@ -738,7 +740,7 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev, - goto tx_error; - } - -- if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off)) { -+ if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off, inner_iph)) { - ip_rt_put(rt); - goto tx_error; - } --- -2.4.5 - |