[ovs-git] [openvswitch/ovs] f41256: tunnel: Validate IP header for userspace tunneling...
GitHub
noreply at github.com
Sun Sep 13 15:14:27 UTC 2015
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: f41256d709d1733262b7538613237b34e801f457
https://github.com/openvswitch/ovs/commit/f41256d709d1733262b7538613237b34e801f457
Author: Jesse Gross <jesse at nicira.com>
Date: 2015-09-13 (Sun, 13 Sep 2015)
Changed paths:
M lib/netdev-vport.c
M tests/tunnel-push-pop.at
Log Message:
-----------
tunnel: Validate IP header for userspace tunneling.
Currently, when doing userspace tunneling we don't perform much in
the way of integrity checks on the incoming IP header. The case of
tunneling is different from the usual case of switching since we are
acting as the endpoint here and should not allow invalid packets to
pass.
This adds checks for IP checksum, version, total length, and options and
drops packets that don't pass.
Signed-off-by: Jesse Gross <jesse at nicira.com>
Acked-by: Pravin B Shelar <pshelar at nicira.com>
More information about the git
mailing list