tunneling: Add check for GRE protocol is Ethernet.

On receive, the userspace GRE code doesn't check the protocol field. Since OVS only understands Ethernet packets, this adds a check that the inner protocol is Ethernet and discards other types of packets. Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pritesh Kothari <pritesh.kothari@cisco.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
author: Jesse Gross <jesse@nicira.com> 2015-03-26 16:53:39 -0700
committer: Jesse Gross <jesse@nicira.com> 2015-04-07 16:26:34 -0700
commit: 6432e527ce4bc1d67b8fe8ec111817b52953b7c3 (patch)
tree: aa866933c46073a4f5819b14ec5ae9d736ff92ab /lib
parent: 6625245743a8621a8eee1fd67add15120ed042f8 (diff)
download: openvswitch-6432e527ce4bc1d67b8fe8ec111817b52953b7c3.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index d4de0d1f1..1ee68bcc1 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -911,6 +911,10 @@ parse_gre_header(struct dp_packet *packet,
         return -EINVAL;
     }
 
+    if (greh->protocol != htons(ETH_TYPE_TEB)) {
+        return -EINVAL;
+    }
+
     hlen = gre_header_len(greh->flags);
     if (hlen > dp_packet_size(packet)) {
         return -EINVAL;
author	Jesse Gross <jesse@nicira.com>	2015-03-26 16:53:39 -0700
committer	Jesse Gross <jesse@nicira.com>	2015-04-07 16:26:34 -0700
commit	6432e527ce4bc1d67b8fe8ec111817b52953b7c3 (patch)
tree	aa866933c46073a4f5819b14ec5ae9d736ff92ab /lib
parent	6625245743a8621a8eee1fd67add15120ed042f8 (diff)
download	openvswitch-6432e527ce4bc1d67b8fe8ec111817b52953b7c3.tar.gz