aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHans Dedecker <dedeckeh@gmail.com>2018-06-21 22:09:12 +0200
committerHans Dedecker <dedeckeh@gmail.com>2018-06-21 22:10:06 +0200
commit7f3121cf8a72490ee36edbcecf0adde8246867b5 (patch)
tree6f9fb15f34c9ec086a55bbe536f3979706c2e1c3
parentc276abf061bc9ebd96b80d2021d445de66a29011 (diff)
downloadupstream-7f3121cf8a72490ee36edbcecf0adde8246867b5.tar.gz
upstream-7f3121cf8a72490ee36edbcecf0adde8246867b5.tar.bz2
upstream-7f3121cf8a72490ee36edbcecf0adde8246867b5.zip
kernel: backport fix for missing tunnel encapsulation limit option
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
-rw-r--r--target/linux/generic/backport-4.9/094-v4.12-0001-ip6_tunnel-Fix-missing-tunnel-encapsulation-limit-op.patch50
-rw-r--r--target/linux/generic/backport-4.9/094-v4.12-0002-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch31
2 files changed, 81 insertions, 0 deletions
diff --git a/target/linux/generic/backport-4.9/094-v4.12-0001-ip6_tunnel-Fix-missing-tunnel-encapsulation-limit-op.patch b/target/linux/generic/backport-4.9/094-v4.12-0001-ip6_tunnel-Fix-missing-tunnel-encapsulation-limit-op.patch
new file mode 100644
index 0000000000..0ccbacf3d0
--- /dev/null
+++ b/target/linux/generic/backport-4.9/094-v4.12-0001-ip6_tunnel-Fix-missing-tunnel-encapsulation-limit-op.patch
@@ -0,0 +1,50 @@
+From 89a23c8b528bd2c89f3981573d6cd7d23840c8a6 Mon Sep 17 00:00:00 2001
+From: Craig Gallek <cgallek@google.com>
+Date: Wed, 26 Apr 2017 14:37:45 -0400
+Subject: [PATCH] ip6_tunnel: Fix missing tunnel encapsulation limit option
+
+The IPv6 tunneling code tries to insert IPV6_TLV_TNL_ENCAP_LIMIT and
+IPV6_TLV_PADN options when an encapsulation limit is defined (the
+default is a limit of 4). An MTU adjustment is done to account for
+these options as well. However, the options are never present in the
+generated packets.
+
+The issue appears to be a subtlety between IPV6_DSTOPTS and
+IPV6_RTHDRDSTOPTS defined in RFC 3542. When the IPIP tunnel driver was
+written, the encap limit options were included as IPV6_RTHDRDSTOPTS in
+dst0opt of struct ipv6_txoptions. Later, ipv6_push_nfrags_opts was
+(correctly) updated to require IPV6_RTHDR options when IPV6_RTHDRDSTOPTS
+are to be used. This caused the options to no longer be included in v6
+encapsulated packets.
+
+The fix is to use IPV6_DSTOPTS (in dst1opt of struct ipv6_txoptions)
+instead. IPV6_DSTOPTS do not have the additional IPV6_RTHDR requirement.
+
+Fixes: 1df64a8569c7: ("[IPV6]: Add ip6ip6 tunnel driver.")
+Fixes: 333fad5364d6: ("[IPV6]: Support several new sockopt / ancillary data in Advanced API (RFC3542)")
+Signed-off-by: Craig Gallek <kraig@google.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ net/ipv6/ip6_tunnel.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/net/ipv6/ip6_tunnel.c
++++ b/net/ipv6/ip6_tunnel.c
+@@ -957,7 +957,7 @@ static void init_tel_txopt(struct ipv6_t
+ opt->dst_opt[5] = IPV6_TLV_PADN;
+ opt->dst_opt[6] = 1;
+
+- opt->ops.dst0opt = (struct ipv6_opt_hdr *) opt->dst_opt;
++ opt->ops.dst1opt = (struct ipv6_opt_hdr *) opt->dst_opt;
+ opt->ops.opt_nflen = 8;
+ }
+
+@@ -1191,7 +1191,7 @@ route_lookup:
+
+ if (encap_limit >= 0) {
+ init_tel_txopt(&opt, encap_limit);
+- ipv6_push_nfrag_opts(skb, &opt.ops, &proto, NULL);
++ ipv6_push_frag_opts(skb, &opt.ops, &proto);
+ }
+
+ /* Calculate max headroom for all the headers and adjust
diff --git a/target/linux/generic/backport-4.9/094-v4.12-0002-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch b/target/linux/generic/backport-4.9/094-v4.12-0002-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch
new file mode 100644
index 0000000000..d102e7bb85
--- /dev/null
+++ b/target/linux/generic/backport-4.9/094-v4.12-0002-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch
@@ -0,0 +1,31 @@
+From 5b8481fa42ac58484d633b558579e302aead64c1 Mon Sep 17 00:00:00 2001
+From: "David S. Miller" <davem@davemloft.net>
+Date: Mon, 1 May 2017 15:10:20 -0400
+Subject: [PATCH] ipv6: Need to export ipv6_push_frag_opts for tunneling now.
+
+Since that change also made the nfrag function not necessary
+for exports, remove it.
+
+Fixes: 89a23c8b528b ("ip6_tunnel: Fix missing tunnel encapsulation limit option")
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ net/ipv6/exthdrs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/ipv6/exthdrs.c
++++ b/net/ipv6/exthdrs.c
+@@ -729,13 +729,13 @@ void ipv6_push_nfrag_opts(struct sk_buff
+ if (opt->hopopt)
+ ipv6_push_exthdr(skb, proto, NEXTHDR_HOP, opt->hopopt);
+ }
+-EXPORT_SYMBOL(ipv6_push_nfrag_opts);
+
+ void ipv6_push_frag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, u8 *proto)
+ {
+ if (opt->dst1opt)
+ ipv6_push_exthdr(skb, proto, NEXTHDR_DEST, opt->dst1opt);
+ }
++EXPORT_SYMBOL(ipv6_push_frag_opts);
+
+ struct ipv6_txoptions *
+ ipv6_dup_options(struct sock *sk, struct ipv6_txoptions *opt)