tcp: Fix tcp_v4_rcv()
Eric Dumazet [Tue, 9 Mar 2010 05:55:56 +0000 (05:55 +0000)]
Commit d218d111 (tcp: Generalized TTL Security Mechanism) added a bug
for TIMEWAIT sockets. We should not test min_ttl for TW sockets.

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/tcp_ipv4.c

index 8d51d39..70df409 100644 (file)
@@ -1651,15 +1651,15 @@ int tcp_v4_rcv(struct sk_buff *skb)
        if (!sk)
                goto no_tcp_socket;
 
+process:
+       if (sk->sk_state == TCP_TIME_WAIT)
+               goto do_time_wait;
+
        if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
                NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
                goto discard_and_relse;
        }
 
-process:
-       if (sk->sk_state == TCP_TIME_WAIT)
-               goto do_time_wait;
-
        if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
                goto discard_and_relse;
        nf_reset(skb);