Merge remote-tracking branch 'ipsec/master'

[karo-tx-linux.git] / net / ipv4 / xfrm4_policy.c

diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 126ff9020bad25183ae5a186add0bf8e523d9c5a..7b0edb37a1150427ef3b0d9a7f2be11421ef67b0 100644 (file)
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -15,7 +15,7 @@
 #include <net/dst.h>
 #include <net/xfrm.h>
 #include <net/ip.h>
-#include <net/vrf.h>
+#include <net/l3mdev.h>
 
 static struct xfrm_policy_afinfo xfrm4_policy_afinfo;
 
@@ -97,6 +97,7 @@ static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev,
        xdst->u.rt.rt_gateway = rt->rt_gateway;
        xdst->u.rt.rt_uses_gateway = rt->rt_uses_gateway;
        xdst->u.rt.rt_pmtu = rt->rt_pmtu;
+       xdst->u.rt.rt_table_id = rt->rt_table_id;
        INIT_LIST_HEAD(&xdst->u.rt.rt_uncached);
 
        return 0;
@@ -110,10 +111,8 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
        struct flowi4 *fl4 = &fl->u.ip4;
        int oif = 0;
 
-       if (skb_dst(skb)) {
-               oif = vrf_master_ifindex(skb_dst(skb)->dev) ?
-                       : skb_dst(skb)->dev->ifindex;
-       }
+       if (skb_dst(skb))
+               oif = l3mdev_fib_oif(skb_dst(skb)->dev);
 
        memset(fl4, 0, sizeof(struct flowi4));
        fl4->flowi4_mark = skb->mark;
@@ -128,7 +127,10 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
                case IPPROTO_DCCP:
                        if (xprth + 4 < skb->data ||
                            pskb_may_pull(skb, xprth + 4 - skb->data)) {
-                               __be16 *ports = (__be16 *)xprth;
+                               __be16 *ports;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               ports = (__be16 *)xprth;
 
                                fl4->fl4_sport = ports[!!reverse];
                                fl4->fl4_dport = ports[!reverse];
@@ -136,8 +138,12 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
                        break;
 
                case IPPROTO_ICMP:
-                       if (pskb_may_pull(skb, xprth + 2 - skb->data)) {
-                               u8 *icmp = xprth;
+                       if (xprth + 2 < skb->data ||
+                           pskb_may_pull(skb, xprth + 2 - skb->data)) {
+                               u8 *icmp;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               icmp = xprth;
 
                                fl4->fl4_icmp_type = icmp[0];
                                fl4->fl4_icmp_code = icmp[1];
@@ -145,33 +151,50 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
                        break;
 
                case IPPROTO_ESP:
-                       if (pskb_may_pull(skb, xprth + 4 - skb->data)) {
-                               __be32 *ehdr = (__be32 *)xprth;
+                       if (xprth + 4 < skb->data ||
+                           pskb_may_pull(skb, xprth + 4 - skb->data)) {
+                               __be32 *ehdr;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               ehdr = (__be32 *)xprth;
 
                                fl4->fl4_ipsec_spi = ehdr[0];
                        }
                        break;
 
                case IPPROTO_AH:
-                       if (pskb_may_pull(skb, xprth + 8 - skb->data)) {
-                               __be32 *ah_hdr = (__be32 *)xprth;
+                       if (xprth + 8 < skb->data ||
+                           pskb_may_pull(skb, xprth + 8 - skb->data)) {
+                               __be32 *ah_hdr;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               ah_hdr = (__be32 *)xprth;
 
                                fl4->fl4_ipsec_spi = ah_hdr[1];
                        }
                        break;
 
                case IPPROTO_COMP:
-                       if (pskb_may_pull(skb, xprth + 4 - skb->data)) {
-                               __be16 *ipcomp_hdr = (__be16 *)xprth;
+                       if (xprth + 4 < skb->data ||
+                           pskb_may_pull(skb, xprth + 4 - skb->data)) {
+                               __be16 *ipcomp_hdr;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               ipcomp_hdr = (__be16 *)xprth;
 
                                fl4->fl4_ipsec_spi = htonl(ntohs(ipcomp_hdr[1]));
                        }
                        break;
 
                case IPPROTO_GRE:
-                       if (pskb_may_pull(skb, xprth + 12 - skb->data)) {
-                               __be16 *greflags = (__be16 *)xprth;
-                               __be32 *gre_hdr = (__be32 *)xprth;
+                       if (xprth + 12 < skb->data ||
+                           pskb_may_pull(skb, xprth + 12 - skb->data)) {
+                               __be16 *greflags;
+                               __be32 *gre_hdr;
+
+                               xprth = skb_network_header(skb) + iph->ihl * 4;
+                               greflags = (__be16 *)xprth;
+                               gre_hdr = (__be32 *)xprth;
 
                                if (greflags[0] & GRE_KEY) {
                                        if (greflags[0] & GRE_CSUM)
@@ -245,7 +268,7 @@ static struct dst_ops xfrm4_dst_ops_template = {
        .destroy =              xfrm4_dst_destroy,
        .ifdown =               xfrm4_dst_ifdown,
        .local_out =            __ip_local_out,
-       .gc_thresh =            32768,
+       .gc_thresh =            INT_MAX,
 };
 
 static struct xfrm_policy_afinfo xfrm4_policy_afinfo = {