The ip header checksum can be error in the following steps.
$ ip netns add ns1
$ ip link add gw link eth0 type ipvlan
$ ip addr add 168.16.0.1/24 dev gw
$ ip link set dev gw up
$ ip link add ip1 link eth0 type ipvlan
$ ip link set ip1 netns ns1
$ ip netns exec ns1 ip link set ip1 up
$ ip netns exec ns1 ip addr add 168.16.0.2/24 dev ip1
$ ip netns exec ns1 tc qdisc add dev ip1 root netem corrupt 50%
$ ip netns exec ns1 ping 168.16.0.1

The ip header of a packet maybe modified when it steps in
ipvlan_process_v4_outbound because of the netem, the corruptted
packets should be dropped.

Here I add the check of ip header to drop the corruptted packets
and to avoid a problem in some cases.

Signed-off-by: guodeqing <geffrey....@huawei.com>
---
 drivers/net/ipvlan/ipvlan_core.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/drivers/net/ipvlan/ipvlan_core.c b/drivers/net/ipvlan/ipvlan_core.c
index 8801d09..22cef89 100644
--- a/drivers/net/ipvlan/ipvlan_core.c
+++ b/drivers/net/ipvlan/ipvlan_core.c
@@ -428,6 +428,12 @@ static int ipvlan_process_v4_outbound(struct sk_buff *skb)
                .saddr = ip4h->saddr,
        };
 
+       if (ip4h->ihl < 5)
+               goto err;
+
+       if (unlikely(ip_fast_csum((u8 *)ip4h, ip4h->ihl)))
+               goto err;
+
        rt = ip_route_output_flow(net, &fl4, NULL);
        if (IS_ERR(rt))
                goto err;
-- 
2.7.4

Reply via email to