vti6: Fix dev->max_mtu setting
authorStefano Brivio <sbrivio@redhat.com>
Thu, 15 Mar 2018 16:17:13 +0000 (17:17 +0100)
committerSteffen Klassert <steffen.klassert@secunet.com>
Mon, 19 Mar 2018 07:45:50 +0000 (08:45 +0100)
We shouldn't allow a tunnel to have IP_MAX_MTU as MTU, because
another IPv6 header is going on top of our packets. Without this
patch, we might end up building packets bigger than IP_MAX_MTU.

Fixes: b96f9afee4eb ("ipv4/6: use core net MTU range checking")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
net/ipv6/ip6_vti.c

index 971175142e14df5b0cc8f89e020c81cb7e5fbfa9..ce18cd20389dca77418301250fb02056bde54822 100644 (file)
@@ -879,7 +879,7 @@ static void vti6_dev_setup(struct net_device *dev)
 
        dev->type = ARPHRD_TUNNEL6;
        dev->min_mtu = IPV6_MIN_MTU;
-       dev->max_mtu = IP_MAX_MTU;
+       dev->max_mtu = IP_MAX_MTU - sizeof(struct ipv6hdr);
        dev->flags |= IFF_NOARP;
        dev->addr_len = sizeof(struct in6_addr);
        netif_keep_dst(dev);