| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200325150304.5506-1-w.dauchy@criteo.com>
Date: Wed, 25 Mar 2020 16:03:04 +0100
From: William Dauchy <w.dauchy@...teo.com>
To: netdev@...r.kernel.org
Cc: William Dauchy <w.dauchy@...teo.com>,
Nicolas Dichtel <nicolas.dichtel@...nd.com>, pshelar@...ira.com
Subject: [PATCH net] net, ip_tunnel: fix interface lookup with no key
when creating a new ipip interface with no local/remote configuration,
the lookup is done with TUNNEL_NO_KEY flag, making it impossible to
match the new interface (only possible match being fallback or metada
case interface); e.g: `ip link add tunl1 type ipip dev eth0`
If we consider `key` being zero in ipip case, we might consider ok to
go through this last loop, and make it possible to match such interface.
In fact this is what is done when we create a gre interface without key
and local/remote.
context being on my side, I'm creating an extra ipip interface attached
to the physical one, and moving it to a dedicated namespace.
Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
Signed-off-by: William Dauchy <w.dauchy@...teo.com>
---
net/ipv4/ip_tunnel.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
index 74e1d964a615..f6578bcadbed 100644
--- a/net/ipv4/ip_tunnel.c
+++ b/net/ipv4/ip_tunnel.c
@@ -142,9 +142,6 @@ struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net *itn,
cand = t;
}
- if (flags & TUNNEL_NO_KEY)
- goto skip_key_lookup;
-
hlist_for_each_entry_rcu(t, head, hash_node) {
if (t->parms.i_key != key ||
t->parms.iph.saddr != 0 ||
--
2.25.1
Powered by blists - more mailing lists