openvswitch: fix vport packet length check.

When sending a packet to a tunnel device, the dev's hard_header_len
could be larger than the skb->len in function packet_length().
In the case of ip6gretap/erspan, hard_header_len = LL_MAX_HEADER + t_hlen,
which is around 180, and an ARP packet sent to this tunnel has
skb->len = 42.  This causes the 'unsign int length' to become super
large because it is negative value, causing the later ovs_vport_send
to drop it due to over-mtu size.  The patch fixes it by setting it to 0.

Signed-off-by: William Tu <u9012063@gmail.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c
index b6c8524..f81c1d0 100644 (file)
--- a/net/openvswitch/vport.c
+++ b/net/openvswitch/vport.c
@@ -464,10 +464,10 @@ int ovs_vport_receive(struct vport *vport, struct sk_buff *skb,
        return 0;
 }
 
-static unsigned int packet_length(const struct sk_buff *skb,
-                                 struct net_device *dev)
+static int packet_length(const struct sk_buff *skb,
+                        struct net_device *dev)
 {
-       unsigned int length = skb->len - dev->hard_header_len;
+       int length = skb->len - dev->hard_header_len;
 
        if (!skb_vlan_tag_present(skb) &&
            eth_type_vlan(skb->protocol))
@@ -478,7 +478,7 @@ static unsigned int packet_length(const struct sk_buff *skb,
         * account for 802.1ad. e.g. is_skb_forwardable().
         */
 
-       return length;
+       return length > 0 ? length : 0;
 }
 
 void ovs_vport_send(struct vport *vport, struct sk_buff *skb, u8 mac_proto)