From patchwork Tue Sep 11 12:37:15 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jesper Dangaard Brouer X-Patchwork-Id: 183095 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 823822C0088 for ; Tue, 11 Sep 2012 22:32:56 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752535Ab2IKMcp (ORCPT ); Tue, 11 Sep 2012 08:32:45 -0400 Received: from mx1.redhat.com ([209.132.183.28]:65406 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752627Ab2IKMcQ (ORCPT ); Tue, 11 Sep 2012 08:32:16 -0400 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q8BCVetC018679 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 11 Sep 2012 08:31:41 -0400 Received: from dragon.localdomain (ovpn-116-72.ams2.redhat.com [10.36.116.72]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q8BCVdSN014544; Tue, 11 Sep 2012 08:31:39 -0400 Received: from [127.0.0.1] (localhost [IPv6:::1]) by dragon.localdomain (Postfix) with ESMTP id 12BC12C04CB; Tue, 11 Sep 2012 14:37:15 +0200 (CEST) From: Jesper Dangaard Brouer Subject: [PATCH V3 4/8] ipvs: Fix bug in IPv6 NAT mangling of ports inside ICMPv6 packets To: Hans Schillstrom , Hans Schillstrom , netdev@vger.kernel.org, "Patrick McHardy" , Pablo Neira Ayuso , lvs-devel@vger.kernel.org, Julian Anastasov Cc: Jesper Dangaard Brouer , Thomas Graf , Wensong Zhang , netfilter-devel@vger.kernel.org, Simon Horman Date: Tue, 11 Sep 2012 14:37:15 +0200 Message-ID: <20120911123708.4305.50410.stgit@dragon> In-Reply-To: <20120911123531.4305.40304.stgit@dragon> References: <20120911123531.4305.40304.stgit@dragon> User-Agent: StGIT/0.14.3 MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org ICMPv6 return traffic, which needs to be NAT modified, does not get modified correctly, because the SKB have not been made sufficiently "writable". Make sure SKB is writable in ip_vs_nat_icmp_v6(). Note, the calling code path have handled this case for IPv4, but not for IPv6. I have placed the change in ip_vs_nat_icmp_v6() in-order to reduce the changes/impact of that path. Signed-off-by: Jesper Dangaard Brouer --- net/netfilter/ipvs/ip_vs_core.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index ebd105c..fd50f47 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c @@ -737,6 +737,12 @@ void ip_vs_nat_icmp_v6(struct sk_buff *skb, struct ip_vs_protocol *pp, icmp_offset); struct ipv6hdr *ciph = (struct ipv6hdr *)(icmph + 1); + /* Make sure SKB is writable */ + unsigned int write; + write = icmp_offset + sizeof(struct icmp6hdr) + sizeof(struct ipv6hdr); + if (!skb_make_writable(skb, write + 2 * sizeof(__u16))) + return; + if (inout) { iph->saddr = cp->vaddr.in6; ciph->daddr = cp->vaddr.in6;