ip_tunnels: record IP version in tunnel info

There's currently nothing preventing directing packets with IPv6 encapsulation data to IPv4 tunnels (and vice versa). If this happens, IPv6 addresses are incorrectly interpreted as IPv4 ones. Track whether the given ip_tunnel_key contains IPv4 or IPv6 data. Store this in ip_tunnel_info. Reject packets at appropriate places if they are supposed to be encapsulated into an incompatible protocol. Signed-off-by: Jiri Benc <jbenc@redhat.com> Acked-by: Alexei Starovoitov <ast@plumgrid.com> Acked-by: Thomas Graf <tgraf@suug.ch> Acked-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Jiri Benc <jbenc@redhat.com> 2015-08-28 18:48:20 (GMT)
committer: David S. Miller <davem@davemloft.net> 2015-08-29 20:07:54 (GMT)
commit: 7f9562a1f405306eacb97f95d78cb996e33f27f5 (patch)
tree: 298378f868e85024a908e9bae1e0754fc59e169e /net/openvswitch/flow.c
parent: 46fa062ad63146dd138ec0f017e71224471e8ea5 (diff)
download: linux-7f9562a1f405306eacb97f95d78cb996e33f27f5.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
index 5a3195e..9760dc4 100644
--- a/net/openvswitch/flow.c
+++ b/net/openvswitch/flow.c
@@ -688,6 +688,8 @@ int ovs_flow_key_extract(const struct ip_tunnel_info *tun_info,
 {
 	/* Extract metadata from packet. */
 	if (tun_info) {
+		if (ip_tunnel_info_af(tun_info) != AF_INET)
+			return -EINVAL;
 		memcpy(&key->tun_key, &tun_info->key, sizeof(key->tun_key));
 
 		if (tun_info->options) {
author	Jiri Benc <jbenc@redhat.com>	2015-08-28 18:48:20 (GMT)
committer	David S. Miller <davem@davemloft.net>	2015-08-29 20:07:54 (GMT)
commit	7f9562a1f405306eacb97f95d78cb996e33f27f5 (patch)
tree	298378f868e85024a908e9bae1e0754fc59e169e /net/openvswitch/flow.c
parent	46fa062ad63146dd138ec0f017e71224471e8ea5 (diff)
download	linux-7f9562a1f405306eacb97f95d78cb996e33f27f5.tar.xz