From patchwork Thu May 17 00:24:32 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: William Tu <u9012063@gmail.com>
X-Patchwork-Id: 915026
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="cywkQ2Le"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 40mXBT6nC5z9s1B
	for <patchwork-incoming-netdev@ozlabs.org>;
	Thu, 17 May 2018 10:25:05 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752014AbeEQAZB (ORCPT
	<rfc822;patchwork-incoming-netdev@ozlabs.org>);
	Wed, 16 May 2018 20:25:01 -0400
Received: from mail-pg0-f67.google.com ([74.125.83.67]:34356 "EHLO
	mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751438AbeEQAZA (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 16 May 2018 20:25:00 -0400
Received: by mail-pg0-f67.google.com with SMTP id k2-v6so1017451pgc.1
	for <netdev@vger.kernel.org>; Wed, 16 May 2018 17:25:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=0d88c5cqF9TvBcCXuz05zWq4DEhJuwhwQ5QO9yrNu/o=;
	b=cywkQ2Le28fZC2JtyqynDcXHqa2BfIgtcR191L1Qxv16+sEMwk2YkCULfkWw0lVL+M
	+noTm0PG8BACYZERSZiHh2Jclm8W8nd+mw9Ti9OnTIrJjvHYCTmXODevMp7MQ2WaYkd0
	5wrzDOEyqwk0iGDMwuPtEax5DgjSDA9I6E27sF0nrm3qbdSA1T6N04ANY9c65eqgFPzG
	oGRcZmYVG6qVY+646E3dJoTtOLvwPZHRAERXpGux8SlaHV9rnaztjHGfZFpTwfd4/kW5
	nGjbWDTKPkt/vxMZVlq4yML3+G30zZhwEYREb4d0zK1oCCsB8sKBBuvmGxYwe+o2Ewlx
	NSrQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=0d88c5cqF9TvBcCXuz05zWq4DEhJuwhwQ5QO9yrNu/o=;
	b=i2lXie47Ht1cAz1D39kBqE562x14XRYWHGIleh8Y/V69gJXLM2jdFeEQRrXt9oBcxo
	f2rP+zmu9LxqjbQMO4RGvZq010UKElNWX4/MEgvRFOAGJgt2LphlOvD5WgprAGkfqJS0
	L5Mt14ADDqOsx6IGoVTUj5A1VWOLFbi3NLBT7VnEEw99wb3Hh5hvfyHiXrDfXqKDAeYB
	xTvgyfd1ORyTyTasfgGckP+gWYe9FwEg0cYQs4+B5LrjruJA2ByX3aVsefH5d2wEM/hX
	kbj15GJwfDJGBoGxMCYNx1qf5jyAPpLOFS7sI4ERSGI/Izd+2dXPJXkK6Ep9UoeGD8KH
	hZnQ==
X-Gm-Message-State: ALKqPwfgAlVDtXWmYJ9SGL+fxQpghqMEV3uQrnsLd+zjYr63PNJAc2ed
	57MRVsIly2E8A6IZVy8W74jSOHUP
X-Google-Smtp-Source: 
 AB8JxZoaCM72aMJT3ZMX9mQmU1KHYQUMIqiboFXzuAN8xXIxfPY5uUHcAL5eSrPE+nIr18xsdBNXhw==
X-Received: by 2002:a62:12d4:: with SMTP id
	81-v6mr3046623pfs.243.1526516699455;
	Wed, 16 May 2018 17:24:59 -0700 (PDT)
Received: from sc9-mailhost3.vmware.com ([66.170.99.2])
	by smtp.gmail.com with ESMTPSA id
	c20-v6sm7434478pfk.63.2018.05.16.17.24.57
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 16 May 2018 17:24:58 -0700 (PDT)
From: William Tu <u9012063@gmail.com>
To: netdev@vger.kernel.org
Cc: gvrose8192@gmail.com
Subject: [PATCH net] erspan: fix invalid erspan version.
Date: Wed, 16 May 2018 17:24:32 -0700
Message-Id: <1526516672-9497-1-git-send-email-u9012063@gmail.com>
X-Mailer: git-send-email 2.7.4
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

ERSPAN only support version 1 and 2.  When packets send to an
erspan device which does not have proper version number set,
drop the packet.  In real case, we observe multicast packets
sent to the erspan pernet device, erspan0, which does not have
erspan version configured.

Reported-by: Greg Rose <gvrose8192@gmail.com>
Signed-off-by: William Tu <u9012063@gmail.com>
---
 net/ipv4/ip_gre.c  | 4 +++-
 net/ipv6/ip6_gre.c | 5 ++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 2409e648454d..2d8efeecf619 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -734,10 +734,12 @@ static netdev_tx_t erspan_xmit(struct sk_buff *skb,
 		erspan_build_header(skb, ntohl(tunnel->parms.o_key),
 				    tunnel->index,
 				    truncate, true);
-	else
+	else if (tunnel->erspan_ver == 2)
 		erspan_build_header_v2(skb, ntohl(tunnel->parms.o_key),
 				       tunnel->dir, tunnel->hwid,
 				       truncate, true);
+	else
+		goto free_skb;
 
 	tunnel->parms.o_flags &= ~TUNNEL_KEY;
 	__gre_xmit(skb, dev, &tunnel->parms.iph, htons(ETH_P_ERSPAN));
diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
index bede77f24784..d20072fc38cb 100644
--- a/net/ipv6/ip6_gre.c
+++ b/net/ipv6/ip6_gre.c
@@ -991,11 +991,14 @@ static netdev_tx_t ip6erspan_tunnel_xmit(struct sk_buff *skb,
 			erspan_build_header(skb, ntohl(t->parms.o_key),
 					    t->parms.index,
 					    truncate, false);
-		else
+		else if (t->parms.erspan_ver == 2)
 			erspan_build_header_v2(skb, ntohl(t->parms.o_key),
 					       t->parms.dir,
 					       t->parms.hwid,
 					       truncate, false);
+		else
+			goto tx_err;
+
 		fl6.daddr = t->parms.raddr;
 	}