[PATCH 4.14 112/143] Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing"
From: Greg Kroah-Hartman
Date: Fri Nov 02 2018 - 14:56:17 EST
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
This reverts commit 28c74ff85efd192aeca9005499ca50c24d795f61.
>From Florian Westphal <fw@xxxxxxxxx>:
It causes kernel crash for locally generated ipv6 fragments
when netfilter ipv6 defragmentation is used.
The faulty commit is not essential for -stable, it only
delays netns teardown for longer than needed when that netns
still has ipv6 frags queued. Much better than crash :-/
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 2ed8536e10b6..611d406c4656 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -598,8 +598,6 @@ int nf_ct_frag6_gather(struct net *net, struct sk_buff *skb, u32 user)
fq->q.meat == fq->q.len &&
nf_ct_frag6_reasm(fq, skb, dev))
ret = 0;
- else
- skb_dst_drop(skb);
out_unlock:
spin_unlock_bh(&fq->q.lock);
--
2.17.1