shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-07 19:30:30 +09:00
Code Issues Packages Projects Releases Wiki Activity

sch_cake: Make sure we can write the IP header before changing DSCP bits

Browse Source 
[ Upstream commit c87b4ecdbe ]

There is not actually any guarantee that the IP headers are valid before we
access the DSCP bits of the packets. Fix this using the same approach taken
in sch_dsmark.

Reported-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Toke Høiland-Jørgensen
2019-04-04 15:01:33 +02:00
committed by Greg Kroah-Hartman
parent 490532225e
commit cbce0413f7
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
net/sched/sch_cake.c
View File

@@ -1524,16 +1524,27 @@ static void cake_wash_diffserv(struct sk_buff *skb)
static u8 cake_handle_diffserv(struct sk_buff *skb, u16 wash)
{
int wlen = skb_network_offset(skb);
u8 dscp;
switch (tc_skb_protocol(skb)) {
case htons(ETH_P_IP):
wlen += sizeof(struct iphdr);
if (!pskb_may_pull(skb, wlen) ||
skb_try_make_writable(skb, wlen))
return 0;
dscp = ipv4_get_dsfield(ip_hdr(skb)) >> 2;
if (wash && dscp)
ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, 0);
return dscp;
case htons(ETH_P_IPV6):
wlen += sizeof(struct ipv6hdr);
if (!pskb_may_pull(skb, wlen) ||
skb_try_make_writable(skb, wlen))
return 0;
dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> 2;
if (wash && dscp)
ipv6_change_dsfield(ipv6_hdr(skb), INET_ECN_MASK, 0);