@@ -357,6 +357,11 @@ static int seg6_local_input(struct sk_buff *skb)
struct seg6_action_desc *desc;
struct seg6_local_lwt *slwt;
+ if (skb->protocol != htons(ETH_P_IPV6)) {
+ kfree_skb(skb);
+ return -EINVAL;
+ }
+
slwt = seg6_local_lwtunnel(orig_dst->lwtstate);
desc = slwt->desc;
@@ -623,6 +628,9 @@ static int seg6_local_build_state(struct nlattr *nla, unsigned int family,
struct seg6_local_lwt *slwt;
int err;
+ if (family != AF_INET6)
+ return -EINVAL;
+
err = nla_parse_nested(tb, SEG6_LOCAL_MAX, nla, seg6_local_policy,
extack);
This patch ensures that the seg6local lightweight tunnel is used solely with IPv6 routes and processes only IPv6 packets. Signed-off-by: David Lebrun <david.lebrun@uclouvain.be> --- net/ipv6/seg6_local.c | 8 ++++++++ 1 file changed, 8 insertions(+)