summaryrefslogtreecommitdiffstats
path: root/net/ipv6/netfilter
diff options
context:
space:
mode:
authorDave Johnson <dave-kernel@centerclick.org>2017-04-24 09:11:24 -0400
committerPablo Neira Ayuso <pablo@netfilter.org>2017-04-25 11:10:38 +0200
commit9dd2ab609eef736d5639e0de1bcc2e71e714b28e (patch)
tree269ceeff49482d9113feff5b79b5a69e7dfd39ae /net/ipv6/netfilter
parent277a292835c196894ef895d5e1fd6170bb916f55 (diff)
downloadlinux-stable-9dd2ab609eef736d5639e0de1bcc2e71e714b28e.tar.gz
linux-stable-9dd2ab609eef736d5639e0de1bcc2e71e714b28e.tar.bz2
linux-stable-9dd2ab609eef736d5639e0de1bcc2e71e714b28e.zip
netfilter: Wrong icmp6 checksum for ICMPV6_TIME_EXCEED in reverse SNATv6 path
When recalculating the outer ICMPv6 checksum for a reverse path NATv6 such as ICMPV6_TIME_EXCEED nf_nat_icmpv6_reply_translation() was accessing data beyond the headlen of the skb for non-linear skb. This resulted in incorrect ICMPv6 checksum as garbage data was used. Patch replaces csum_partial() with skb_checksum() which supports non-linear skbs similar to nf_nat_icmp_reply_translation() from ipv4. Signed-off-by: Dave Johnson <dave-kernel@centerclick.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv6/netfilter')
-rw-r--r--net/ipv6/netfilter/nf_nat_l3proto_ipv6.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
index e0be97e636a4..69937b637ee5 100644
--- a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
@@ -235,7 +235,7 @@ int nf_nat_icmpv6_reply_translation(struct sk_buff *skb,
inside->icmp6.icmp6_cksum =
csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
skb->len - hdrlen, IPPROTO_ICMPV6,
- csum_partial(&inside->icmp6,
+ skb_checksum(skb, hdrlen,
skb->len - hdrlen, 0));
}