ipv6: call ipv6_proxy_select_ident instead of ipv6_select_ident in udp6_ufo_fragment

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Matt Grant reported frequent crashes in ipv6_select_ident when
udp6_ufo_fragment is called from openvswitch on a skb that doesn't
have a dst_entry set.

ipv6_proxy_select_ident generates the frag_id without using the dst
associated with the skb. This approach was suggested by Vladislav
Yasevich.

Fixes: 0508c07f5e0c ("ipv6: Select fragment id during UFO segmentation if not set.")
Cc: Vladislav Yasevich <vyasevic@redhat.com>
Reported-by: Matt Grant <matt@mattgrant.net.nz>
Tested-by: Matt Grant <matt@mattgrant.net.nz>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Acked-by: Vladislav Yasevich <vyasevic@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Sabrina Dubroca and committed by

David S. Miller 11 years ago 8e199dfd b314acac

+3 -5

1 changed file

expand all

net

ipv6

udp_offload.c

+3 -5

net/ipv6/udp_offload.c

··· 112 112 fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen); 113 113 fptr->nexthdr = nexthdr; 114 114 fptr->reserved = 0; 115 - if (skb_shinfo(skb)->ip6_frag_id) 116 - fptr->identification = skb_shinfo(skb)->ip6_frag_id; 117 - else 118 - ipv6_select_ident(fptr, 119 - (struct rt6_info *)skb_dst(skb)); 115 + if (!skb_shinfo(skb)->ip6_frag_id) 116 + ipv6_proxy_select_ident(skb); 117 + fptr->identification = skb_shinfo(skb)->ip6_frag_id; 120 118 121 119 /* Fragment the skb. ipv6 header and the remaining fields of the 122 120 * fragment header are updated in ipv6_gso_segment()