From patchwork Mon Aug 25 22:25:45 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hagen Paul Pfeifer X-Patchwork-Id: 382871 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 948121400D2 for ; Tue, 26 Aug 2014 08:26:55 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755263AbaHYW0v (ORCPT ); Mon, 25 Aug 2014 18:26:51 -0400 Received: from mail-wi0-f174.google.com ([209.85.212.174]:42525 "EHLO mail-wi0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751780AbaHYW0u (ORCPT ); Mon, 25 Aug 2014 18:26:50 -0400 Received: by mail-wi0-f174.google.com with SMTP id d1so3272523wiv.13 for ; Mon, 25 Aug 2014 15:26:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=C6q5Kd+MJqhSXiA78o8YdTMPbAzA/wlsyP09TRcRq0E=; b=AUa/m2og6oDrUzns3MCIwWxSETq39ov7jjJJvWxZ/1xbLYLdZ13UwzZohK9UxLRrai LV+BGZBZPOIVpXF5aMWSDOWGPqy296NuMGblrXYjcgiLRCwKj0q+bA8a9KODT5j3ITJh XruGlrXeqJaFOCAkSrLq4oBiitjjwBnW9DUB27K8ec85G0vQacdixw/Kv8qn0Ae+sjlb crZpscRgqyzSuo8F7+wItkULKwdNVr49yx9KKA5Kcfx9pypjxbH8LwAyaoJ1ILivbsEL gHRUB55kqqHxQ+B4ecPvvjABAbQXI6JF7RHaHD4h1RuC+hnDjSCBIDiRMJSrpF3Jhbx2 LQNA== X-Gm-Message-State: ALoCoQl6sPsLObciRz8RrlNLQxi7l1vSp43fEfkSPuP3agNtl71MqOxntq6Bpt6lGXac2m5DRmMu X-Received: by 10.194.63.205 with SMTP id i13mr12256812wjs.74.1409005609207; Mon, 25 Aug 2014 15:26:49 -0700 (PDT) Received: from coma.weltnetz.local ([95.91.233.61]) by mx.google.com with ESMTPSA id cy9sm4967875wib.18.2014.08.25.15.26.48 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 25 Aug 2014 15:26:48 -0700 (PDT) From: Hagen Paul Pfeifer To: netdev@vger.kernel.org Cc: Hagen Paul Pfeifer , Fernando Gont Subject: [RFC PATCH net-next] ipv6: stop sending PTB packets for MTU < 1280 Date: Tue, 26 Aug 2014 00:25:45 +0200 Message-Id: <1409005545-24910-2-git-send-email-hagen@jauu.net> X-Mailer: git-send-email 2.1.0 In-Reply-To: <53F39E50.1020209@gont.com.ar> References: <53F39E50.1020209@gont.com.ar> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Reduce the attack vector and stop generating ICMPv6 packet to big for packets smaller then the minimal required IPv6 MTU. See http://tools.ietf.org/html/draft-gont-6man-deprecate-atomfrag-generation-00 Signed-off-by: Hagen Paul Pfeifer --- net/ipv6/route.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index f74b041..84ebacd 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -1154,12 +1154,9 @@ static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, struct net *net = dev_net(dst->dev); rt6->rt6i_flags |= RTF_MODIFIED; - if (mtu < IPV6_MIN_MTU) { - u32 features = dst_metric(dst, RTAX_FEATURES); + if (mtu < IPV6_MIN_MTU) mtu = IPV6_MIN_MTU; - features |= RTAX_FEATURE_ALLFRAG; - dst_metric_set(dst, RTAX_FEATURES, features); - } + dst_metric_set(dst, RTAX_MTU, mtu); rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires); }