| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200724130310.788305-3-willemdebruijn.kernel@gmail.com>
Date: Fri, 24 Jul 2020 09:03:09 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, Willem de Bruijn <willemb@...gle.com>
Subject: [PATCH net-next v2 2/3] icmp: prepare rfc 4884 for ipv6
From: Willem de Bruijn <willemb@...gle.com>
The RFC 4884 spec is largely the same between IPv4 and IPv6.
Factor out the IPv4 specific parts in preparation for IPv6 support:
- icmp types supported
- icmp header size, and thus offset to original datagram start
- datagram length field offset in icmp(6)hdr.
- datagram length field word size: 4B for IPv4, 8B for IPv6.
Signed-off-by: Willem de Bruijn <willemb@...gle.com>
---
include/linux/icmp.h | 3 ++-
net/ipv4/icmp.c | 17 ++++-------------
net/ipv4/ip_sockglue.c | 14 +++++++++++++-
3 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/include/linux/icmp.h b/include/linux/icmp.h
index 8fc38a34cb20..0af4d210ee31 100644
--- a/include/linux/icmp.h
+++ b/include/linux/icmp.h
@@ -37,6 +37,7 @@ static inline bool icmp_is_err(int type)
}
void ip_icmp_error_rfc4884(const struct sk_buff *skb,
- struct sock_ee_data_rfc4884 *out);
+ struct sock_ee_data_rfc4884 *out,
+ int thlen, int off);
#endif /* _LINUX_ICMP_H */
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 646d4fb72c07..1e70e98f14f8 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1186,24 +1186,15 @@ static bool ip_icmp_error_rfc4884_validate(const struct sk_buff *skb, int off)
}
void ip_icmp_error_rfc4884(const struct sk_buff *skb,
- struct sock_ee_data_rfc4884 *out)
+ struct sock_ee_data_rfc4884 *out,
+ int thlen, int off)
{
- int hlen, off;
-
- switch (icmp_hdr(skb)->type) {
- case ICMP_DEST_UNREACH:
- case ICMP_TIME_EXCEEDED:
- case ICMP_PARAMETERPROB:
- break;
- default:
- return;
- }
+ int hlen;
/* original datagram headers: end of icmph to payload (skb->data) */
- hlen = -skb_transport_offset(skb) - sizeof(struct icmphdr);
+ hlen = -skb_transport_offset(skb) - thlen;
/* per rfc 4884: minimal datagram length of 128 bytes */
- off = icmp_hdr(skb)->un.reserved[1] * sizeof(u32);
if (off < 128 || off < hlen)
return;
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index a5ea02d7a183..6aa45fe0a676 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -389,6 +389,18 @@ int ip_ra_control(struct sock *sk, unsigned char on,
return 0;
}
+static void ipv4_icmp_error_rfc4884(const struct sk_buff *skb,
+ struct sock_ee_data_rfc4884 *out)
+{
+ switch (icmp_hdr(skb)->type) {
+ case ICMP_DEST_UNREACH:
+ case ICMP_TIME_EXCEEDED:
+ case ICMP_PARAMETERPROB:
+ ip_icmp_error_rfc4884(skb, out, sizeof(struct icmphdr),
+ icmp_hdr(skb)->un.reserved[1] * 4);
+ }
+}
+
void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
__be16 port, u32 info, u8 *payload)
{
@@ -412,7 +424,7 @@ void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err,
if (skb_pull(skb, payload - skb->data)) {
if (inet_sk(sk)->recverr_rfc4884)
- ip_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884);
+ ipv4_icmp_error_rfc4884(skb, &serr->ee.ee_rfc4884);
skb_reset_transport_header(skb);
if (sock_queue_err_skb(sk, skb) == 0)
--
2.28.0.rc0.142.g3c755180ce-goog
Powered by blists - more mailing lists