Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cbce0413 authored by Toke Høiland-Jørgensen's avatar Toke Høiland-Jørgensen Committed by Greg Kroah-Hartman
Browse files

sch_cake: Make sure we can write the IP header before changing DSCP bits 



[ Upstream commit c87b4ecdbe8db27867a7b7f840291cd843406bd7 ]

There is not actually any guarantee that the IP headers are valid before we
access the DSCP bits of the packets. Fix this using the same approach taken
in sch_dsmark.

Reported-by: default avatarKevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: default avatarToke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 49053222

net/sched/sch_cake.c

+11 −0
Original line number Original line Diff line number Diff line
@@ -1524,16 +1524,27 @@ static void cake_wash_diffserv(struct sk_buff *skb) 




static u8 cake_handle_diffserv(struct sk_buff *skb, u16 wash)

static u8 cake_handle_diffserv(struct sk_buff *skb, u16 wash)

{

{

	int wlen = skb_network_offset(skb);

	u8 dscp;

	u8 dscp;





	switch (tc_skb_protocol(skb)) {

	switch (tc_skb_protocol(skb)) {

	case htons(ETH_P_IP):

	case htons(ETH_P_IP):

		wlen += sizeof(struct iphdr);

		if (!pskb_may_pull(skb, wlen) ||

		    skb_try_make_writable(skb, wlen))

			return 0;



		dscp = ipv4_get_dsfield(ip_hdr(skb)) >> 2;

		dscp = ipv4_get_dsfield(ip_hdr(skb)) >> 2;

		if (wash && dscp)

		if (wash && dscp)

			ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, 0);

			ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, 0);

		return dscp;

		return dscp;





	case htons(ETH_P_IPV6):

	case htons(ETH_P_IPV6):

		wlen += sizeof(struct ipv6hdr);

		if (!pskb_may_pull(skb, wlen) ||

		    skb_try_make_writable(skb, wlen))

			return 0;



		dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> 2;

		dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> 2;

		if (wash && dscp)

		if (wash && dscp)

			ipv6_change_dsfield(ipv6_hdr(skb), INET_ECN_MASK, 0);

			ipv6_change_dsfield(ipv6_hdr(skb), INET_ECN_MASK, 0);