ipip: fix a regression in ioctl
authorCong Wang <amwang@redhat.com>
Tue, 2 Jul 2013 06:49:34 +0000 (14:49 +0800)
committerDavid S. Miller <davem@davemloft.net>
Tue, 2 Jul 2013 08:13:09 +0000 (01:13 -0700)
This is a regression introduced by
commit fd58156e456d9f68fe0448 (IPIP: Use ip-tunneling code.)

Similar to GRE tunnel, previously we only check the parameters
for SIOCADDTUNNEL and SIOCCHGTUNNEL, after that commit, the
check is moved for all commands.

So, just check for SIOCADDTUNNEL and SIOCCHGTUNNEL.

Also, the check for i_key, o_key etc. is suspicious too,
which did not exist before, reset them before passing
to ip_tunnel_ioctl().

Cc: Pravin B Shelar <pshelar@nicira.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/ipip.c

index e6905fbda2a2981ebc5e9f347265507ec2154f27..51fc2a1dcdd3aa564147933d7485ec6356e9ad12 100644 (file)
@@ -244,11 +244,13 @@ ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
        if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
                return -EFAULT;
 
-       if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
-                       p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
-               return -EINVAL;
-       if (p.i_key || p.o_key || p.i_flags || p.o_flags)
-               return -EINVAL;
+       if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
+               if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
+                   p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
+                       return -EINVAL;
+       }
+
+       p.i_key = p.o_key = p.i_flags = p.o_flags = 0;
        if (p.iph.ttl)
                p.iph.frag_off |= htons(IP_DF);