Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bb134d5d authored by Eric Dumazet's avatar Eric Dumazet Committed by David S. Miller
Browse files

tcp: Fix tcp_v4_rcv() 



Commit d218d111 (tcp: Generalized TTL Security Mechanism) added a bug
for TIMEWAIT sockets. We should not test min_ttl for TW sockets.

Reported-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
Acked-by: default avatarStephen Hemminger <shemminger@vyatta.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent fe234f0e

net/ipv4/tcp_ipv4.c

+4 −4
Original line number Diff line number Diff line
@@ -1651,15 +1651,15 @@ int tcp_v4_rcv(struct sk_buff *skb) 
	if (!sk)

		goto no_tcp_socket;



process:

	if (sk->sk_state == TCP_TIME_WAIT)

		goto do_time_wait;



	if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {

		NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);

		goto discard_and_relse;

	}



process:

	if (sk->sk_state == TCP_TIME_WAIT)

		goto do_time_wait;



	if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))

		goto discard_and_relse;

	nf_reset(skb);