Commit 3d6c8e2f authored by David Johnson's avatar David Johnson

Whoops, didn't realize we were recording ipod patches in CVS. This one

should work for kernels circa 2.6.20.
parent 69d507fa
diff -ur linux-2.6.20/include/linux/sysctl.h linux-2.6.20-emulab/include/linux/sysctl.h
--- linux-2.6.20/include/linux/sysctl.h 2007-02-04 11:44:54.000000000 -0700
+++ linux-2.6.20-emulab/include/linux/sysctl.h 2007-02-16 16:12:31.000000000 -0700
@@ -428,6 +428,13 @@
NET_CIPSOV4_RBM_STRICTVALID=121,
NET_TCP_AVAIL_CONG_CONTROL=122,
NET_TCP_ALLOWED_CONG_CONTROL=123,
+
+ /* CONFIG_ICMP_PINGOFDEATH */
+ NET_IPV4_ICMP_POD_ENABLED=124,
+ NET_IPV4_ICMP_POD_HOST=125,
+ NET_IPV4_ICMP_POD_MASK=126,
+ NET_IPV4_ICMP_POD_KEY=127,
+ NET_IPV4_ICMP_POD_VERSION=128,
};
enum {
diff -ur linux-2.6.20/net/ipv4/Kconfig linux-2.6.20-emulab/net/ipv4/Kconfig
--- linux-2.6.20/net/ipv4/Kconfig 2007-02-04 11:44:54.000000000 -0700
+++ linux-2.6.20-emulab/net/ipv4/Kconfig 2007-02-16 16:09:01.000000000 -0700
@@ -630,5 +630,11 @@
If unsure, say N.
+#
+# Emulab special
+#
+config ICMP_PINGOFDEATH
+ bool "ICMP: ICMP Ping-of-Death (Emulab)"
+
source "net/ipv4/ipvs/Kconfig"
diff -ur linux-2.6.20/net/ipv4/icmp.c linux-2.6.20-emulab/net/ipv4/icmp.c
--- linux-2.6.20/net/ipv4/icmp.c 2007-02-04 11:44:54.000000000 -0700
+++ linux-2.6.20-emulab/net/ipv4/icmp.c 2007-02-16 16:09:01.000000000 -0700
@@ -915,6 +915,67 @@
out:;
}
+#ifdef CONFIG_ICMP_PINGOFDEATH
+#include <linux/reboot.h>
+
+int sysctl_ipod_version = 2;
+int sysctl_ipod_enabled = 0;
+u32 sysctl_ipod_host = 0xffffffff;
+u32 sysctl_ipod_mask = 0xffffffff;
+char sysctl_ipod_key[32+1] = { "SETMETOSOMETHINGTHIRTYTWOBYTES!!" };
+#define IPOD_CHECK_KEY \
+ (sysctl_ipod_key[0] != 0)
+#define IPOD_VALID_KEY(d) \
+ (strncmp(sysctl_ipod_key, (char *)(d), strlen(sysctl_ipod_key)) == 0)
+
+static void icmp_ping_of_death(struct sk_buff *skb)
+{
+ struct icmphdr *icmph = skb->h.icmph;
+ struct iphdr *iph = skb->nh.iph;
+ int doit = 0;
+
+#if 0
+ printk(KERN_INFO "IPOD: got type=6, code=%d, host=%u.%u.%u.%u\n", icmph->code, ntohs(iph->tot_len), NIPQUAD(iph->saddr));
+#endif
+
+ /*
+ * If IPOD not enabled or wrong ICMP code, ignore.
+ */
+ if (!sysctl_ipod_enabled || icmph->code != 6)
+ return;
+
+ /*
+ * First check the source address info.
+ * If host not set, ignore.
+ */
+ if (sysctl_ipod_host != 0xffffffff &&
+ (ntohl(iph->saddr) & sysctl_ipod_mask) == sysctl_ipod_host) {
+ /*
+ * Now check the key if enabled.
+ * If packet doesn't contain enough data or key
+ * is otherwise invalid, ignore.
+ */
+ if (IPOD_CHECK_KEY) {
+ if (pskb_may_pull(skb, sizeof(sysctl_ipod_key)-1) &&
+ IPOD_VALID_KEY(skb->data))
+ doit = 1;
+ } else {
+ doit = 1;
+ }
+ }
+
+ if (doit) {
+ sysctl_ipod_enabled = 0;
+ printk(KERN_CRIT "IPOD: reboot forced by %u.%u.%u.%u...\n",
+ NIPQUAD(iph->saddr));
+ machine_restart(NULL);
+ } else {
+ printk(KERN_WARNING "IPOD: from %u.%u.%u.%u rejected\n",
+ NIPQUAD(iph->saddr));
+ }
+}
+#endif
+
static void icmp_discard(struct sk_buff *skb)
{
}
@@ -1029,12 +1090,22 @@
.handler = icmp_redirect,
.error = 1,
},
+#ifdef CONFIG_ICMP_PINGOFDEATH
+ /* PING_OF_DEATH (6) */
+ [6] = {
+ .output_entry = ICMP_MIB_DUMMY,
+ .input_entry = ICMP_MIB_DUMMY,
+ .handler = icmp_ping_of_death,
+ .error = 1,
+ },
+#else
[6] = {
.output_entry = ICMP_MIB_DUMMY,
.input_entry = ICMP_MIB_INERRORS,
.handler = icmp_discard,
.error = 1,
},
+#endif
[7] = {
.output_entry = ICMP_MIB_DUMMY,
.input_entry = ICMP_MIB_INERRORS,
diff -ur linux-2.6.20/net/ipv4/sysctl_net_ipv4.c linux-2.6.20-emulab/net/ipv4/sysctl_net_ipv4.c
--- linux-2.6.20/net/ipv4/sysctl_net_ipv4.c 2007-02-04 11:44:54.000000000 -0700
+++ linux-2.6.20-emulab/net/ipv4/sysctl_net_ipv4.c 2007-02-16 16:09:01.000000000 -0700
@@ -22,6 +22,14 @@
/* From af_inet.c */
extern int sysctl_ip_nonlocal_bind;
+#ifdef CONFIG_ICMP_PINGOFDEATH
+extern int sysctl_ipod_version;
+extern int sysctl_ipod_enabled;
+extern u32 sysctl_ipod_host;
+extern u32 sysctl_ipod_mask;
+extern char sysctl_ipod_key[32+1];
+#endif
+
#ifdef CONFIG_SYSCTL
static int zero;
static int tcp_retr1_max = 255;
@@ -803,6 +811,18 @@
.proc_handler = &proc_allowed_congestion_control,
.strategy = &strategy_allowed_congestion_control,
},
+#ifdef CONFIG_ICMP_PINGOFDEATH
+ {NET_IPV4_ICMP_POD_ENABLED, "icmp_ipod_version",
+ &sysctl_ipod_version, sizeof(int), 0444, NULL, &proc_dointvec},
+ {NET_IPV4_ICMP_POD_ENABLED, "icmp_ipod_enabled",
+ &sysctl_ipod_enabled, sizeof(int), 0644, NULL, &proc_dointvec},
+ {NET_IPV4_ICMP_POD_HOST, "icmp_ipod_host",
+ &sysctl_ipod_host, sizeof(int), 0644, NULL, &proc_dointvec},
+ {NET_IPV4_ICMP_POD_MASK, "icmp_ipod_mask",
+ &sysctl_ipod_mask, sizeof(int), 0644, NULL, &proc_dointvec},
+ {NET_IPV4_ICMP_POD_KEY, "icmp_ipod_key",
+ sysctl_ipod_key, sizeof(sysctl_ipod_key), 0600, NULL, &proc_dostring, &sysctl_string},
+#endif
{ .ctl_name = 0 }
};
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment