On receive, the userspace GRE code doesn't check the protocol
field. Since OVS only understands Ethernet packets, this adds a
check that the inner protocol is Ethernet and discards other types
of packets.
Signed-off-by: Jesse Gross <je...@nicira.com>
---
lib/netdev-vport.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index d4de0d1..1ee68bc 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -911,6 +911,10 @@ parse_gre_header(struct dp_packet *packet,
return -EINVAL;
}
+ if (greh->protocol != htons(ETH_TYPE_TEB)) {
+ return -EINVAL;
+ }
+
hlen = gre_header_len(greh->flags);
if (hlen > dp_packet_size(packet)) {
return -EINVAL;
--
1.9.1
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
