git.baikalelectronics.ru Git - kernel.git/commit

author	Hangbin Liu <liuhangbin@gmail.com>
	Tue, 27 Oct 2020 12:33:13 +0000 (20:33 +0800)
committer	Jakub Kicinski <kuba@kernel.org>
	Sat, 31 Oct 2020 20:16:02 +0000 (13:16 -0700)
commit	e3e735ae1c7b4e31350c05283a52a4cbc5883fb2
tree	ce049de5cdd1d34f469b09032eee45a3e762585a	tree \| snapshot
parent	20eb992cbf51c7e72c5a183070f94bcff4597d94	commit \| diff

IPv6: reply ICMP error if the first fragment don't include all headers

Based on RFC 8200, Section 4.5 Fragment Header:

  -  If the first fragment does not include all headers through an
     Upper-Layer header, then that fragment should be discarded and
     an ICMP Parameter Problem, Code 3, message should be sent to
     the source of the fragment, with the Pointer field set to zero.

Checking each packet header in IPv6 fast path will have performance impact,
so I put the checking in ipv6_frag_rcv().

As the packet may be any kind of L4 protocol, I only checked some common
protocols' header length and handle others by (offset + 1) > skb->len.
Also use !(frag_off & htons(IP6_OFFSET)) to catch atomic fragments
(fragmented packet with only one fragment).

When send ICMP error message, if the 1st truncated fragment is ICMP message,
icmp6_send() will break as is_ineligible() return true. So I added a check
in is_ineligible() to let fragment packet with nexthdr ICMP but no ICMP header
return false.

Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

net/ipv6/icmp.c		diff \| blob \| history
net/ipv6/reassembly.c		diff \| blob \| history