Linux kernel source tree https://git.amat.us/linux/atom/net/ipv6/ipcomp6.c?h=v3.12.10 2013-09-16T07:45:32Z 2013-09-16T07:45:32Z Steffen Klassert steffen.klassert@secunet.com 2013-09-10T11:43:09Z urn:sha1:b3b2b9e192d5811f91f9cd92aeec489cecabc92e Currently we update the pmtu in the IPsec protocol error handlers if icmpv6 message type is either ICMPV6_DEST_UNREACH or ICMPV6_PKT_TOOBIG. Updating the pmtu on ICMPV6_DEST_UNREACH is wrong in any case, it causes strangely fragmented packets. Only ICMPV6_PKT_TOOBIG signalizes pmtu discovery, so remove the ICMPV6_DEST_UNREACH check in the IPsec protocol error handlers. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> 2013-09-05T16:44:31Z Duan Jiong duanj.fnst@cn.fujitsu.com 2013-09-04T11:44:21Z urn:sha1:b55b76b22144ab97cefcb3862bab61f088adf411 RFC 4861 says that the IP source address of the Redirect is the same as the current first-hop router for the specified ICMP Destination Address, so the gateway should be taken into consideration when we find the route for redirect. There was once a check in commit a6279458c534d01ccc39498aba61c93083ee0372 ("NDISC: Search over all possible rules on receipt of redirect.") and the check went away in commit b94f1c0904da9b8bf031667afc48080ba7c3e8c9 ("ipv6: Use icmpv6_notify() to propagate redirect, instead of rt6_redirect()"). The bug is only "exploitable" on layer-2 because the source address of the redirect is checked to be a valid link-local address but it makes spoofing a lot easier in the same L2 domain nonetheless. Thanks very much for Hannes's help. Signed-off-by: Duan Jiong <duanj.fnst@cn.fujitsu.com> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2012-07-12T07:25:15Z David S. Miller davem@davemloft.net 2012-07-12T07:25:15Z urn:sha1:ec18d9a2691d69cd14b48f9b919fddcef28b7f5c Signed-off-by: David S. Miller <davem@davemloft.net> 2012-06-15T21:54:11Z David S. Miller davem@davemloft.net 2012-06-15T21:54:11Z urn:sha1:81aded24675ebda5de8a68843250ad15584ac38a One tricky issue on the ipv6 side vs. ipv4 is that the ICMP callouts to handle the error pass the 32-bit info cookie in network byte order whereas ipv4 passes it around in host byte order. Like the ipv4 side, we have two helper functions. One for when we have a socket context and one for when we do not. ip6ip6 tunnels are not handled here, because they handle PMTU events by essentially relaying another ICMP packet-too-big message back to the original sender. This patch allows us to get rid of rt6_do_pmtu_disc(). It handles all kinds of situations that simply cannot happen when we do the PMTU update directly using a fully resolved route. In fact, the "plen == 128" check in ip6_rt_update_pmtu() can very likely be removed or changed into a BUG_ON() check. We should never have a prefixed ipv6 route when we get there. Another piece of strange history here is that TCP and DCCP, unlike in ipv4, never invoke the update_pmtu() method from their ICMP error handlers. This is incredibly astonishing since this is the context where we have the most accurate context in which to make a PMTU update, namely we have a fully connected socket and associated cached socket route. Signed-off-by: David S. Miller <davem@davemloft.net> 2012-05-16T05:01:03Z Joe Perches joe@perches.com 2012-05-15T14:11:54Z urn:sha1:91df42bedccb919902c7cf7eb876c982ae7f1b1d Use the current debugging style and enable dynamic_debug. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2012-05-16T05:01:03Z Joe Perches joe@perches.com 2012-05-15T14:11:53Z urn:sha1:f32138319ca6541e65f95f8e17c9cc88ac1baf94 Add #define pr_fmt(fmt) as appropriate. Add "IPv6: " to appropriate files. Convert printk(KERN_<LEVEL> to pr_<level> (but not KERN_DEBUG). Standardize on "%s: " not "%s(): " when emitting __func__. Use "%s: ", __func__ instead of embedding function name. Coalesce formats, align arguments. ADDRCONF output is now prefixed with "IPv6: " Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2011-04-22T18:04:14Z Eric Dumazet eric.dumazet@gmail.com 2011-04-22T04:53:02Z urn:sha1:b71d1d426d263b0b6cb5760322efebbfc89d4463 Add const qualifiers to structs iphdr, ipv6hdr and in6_addr pointers where possible, to make code intention more obvious. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-02-23T00:20:22Z Jamal Hadi Salim hadi@cyberus.ca 2010-02-23T00:20:22Z urn:sha1:bd55775c8dd656fc69b3a42a1c4ab32abb7e8af9 pass mark to all SA lookups to prepare them for when we add code to have them search. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-02-17T06:09:29Z David S. Miller davem@davemloft.net 2010-02-17T06:09:29Z urn:sha1:2bb4646fce8d09916b351d1a62f98db7cec6fc41 2010-02-16T22:53:24Z Herbert Xu herbert@gondor.apana.org.au 2010-02-15T19:24:30Z urn:sha1:10e7454ed7a2da39f1f6255f63d7df27ab4bb67f When ipcomp_tunnel_attach fails we will call ipcomp_destroy twice. This may lead to double-frees on certain structures. As there is no reason to explicitly call ipcomp_destroy, this patch removes it from ipcomp*.c and lets the standard xfrm_state destruction take place. This is based on the discovery and patch by Alexey Dobriyan. Tested-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>