[PATCH 3.19 018/123] ipv6: call ipv6_proxy_select_ident instead of ipv6_select_ident in udp6_ufo_fragment

From: Greg Kroah-Hartman
Date: Tue Mar 24 2015 - 13:44:37 EST

Next message: Greg Kroah-Hartman: "[PATCH 3.19 016/123] net/mlx4_en: Fix off-by-one in ethtool statistics display"
Previous message: Greg Kroah-Hartman: "[PATCH 3.19 019/123] ipv6: fix backtracking for throw routes"
In reply to: Greg Kroah-Hartman: "[PATCH 3.19 019/123] ipv6: fix backtracking for throw routes"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.19 016/123] net/mlx4_en: Fix off-by-one in ethtool statistics display"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.19-stable review patch. If anyone has any objections, please let me know.

------------------

From: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>

[ Upstream commit 8e199dfd82ee097b522b00344af6448715d8ee0c ]

Matt Grant reported frequent crashes in ipv6_select_ident when
udp6_ufo_fragment is called from openvswitch on a skb that doesn't
have a dst_entry set.

ipv6_proxy_select_ident generates the frag_id without using the dst
associated with the skb. This approach was suggested by Vladislav
Yasevich.

Fixes: 0508c07f5e0c ("ipv6: Select fragment id during UFO segmentation if not set.")
Cc: Vladislav Yasevich <vyasevic@xxxxxxxxxx>
Reported-by: Matt Grant <matt@xxxxxxxxxxxxxxxx>
Tested-by: Matt Grant <matt@xxxxxxxxxxxxxxxx>
Signed-off-by: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>
Acked-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/ipv6/udp_offload.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)

--- a/net/ipv6/udp_offload.c
+++ b/net/ipv6/udp_offload.c
@@ -112,11 +112,9 @@ static struct sk_buff *udp6_ufo_fragment
fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen);
fptr->nexthdr = nexthdr;
fptr->reserved = 0;
- if (skb_shinfo(skb)->ip6_frag_id)
- fptr->identification = skb_shinfo(skb)->ip6_frag_id;
- else
- ipv6_select_ident(fptr,
- (struct rt6_info *)skb_dst(skb));
+ if (!skb_shinfo(skb)->ip6_frag_id)
+ ipv6_proxy_select_ident(skb);
+ fptr->identification = skb_shinfo(skb)->ip6_frag_id;

/* Fragment the skb. ipv6 header and the remaining fields of the
* fragment header are updated in ipv6_gso_segment()

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[PATCH 3.19 016/123] net/mlx4_en: Fix off-by-one in ethtool statistics display"
Previous message: Greg Kroah-Hartman: "[PATCH 3.19 019/123] ipv6: fix backtracking for throw routes"
In reply to: Greg Kroah-Hartman: "[PATCH 3.19 019/123] ipv6: fix backtracking for throw routes"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.19 016/123] net/mlx4_en: Fix off-by-one in ethtool statistics display"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]