tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ipv6: Pass struct net into nf_ct_frag6_gather

The function nf_ct_frag6_gather is called on both the input and the
output paths of the networking stack. In particular ipv6_defrag which
calls nf_ct_frag6_gather is called from both the the PRE_ROUTING chain
on input and the LOCAL_OUT chain on output.

The addition of a net parameter makes it explicit which network
namespace the packets are being reassembled in, and removes the need
for nf_ct_frag6_gather to guess.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Eric W. Biederman and committed by
David S. Miller b7277597 19bcf9f2

+5 -6
+1 -1
include/net/netfilter/ipv6/nf_defrag_ipv6.h
··· 5 5 6 6 int nf_ct_frag6_init(void); 7 7 void nf_ct_frag6_cleanup(void); 8 - struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user); 8 + struct sk_buff *nf_ct_frag6_gather(struct net *net, struct sk_buff *skb, u32 user); 9 9 void nf_ct_frag6_consume_orig(struct sk_buff *skb); 10 10 11 11 struct inet_frags_ctl;
+1 -3
net/ipv6/netfilter/nf_conntrack_reasm.c
··· 563 563 return 0; 564 564 } 565 565 566 - struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user) 566 + struct sk_buff *nf_ct_frag6_gather(struct net *net, struct sk_buff *skb, u32 user) 567 567 { 568 568 struct sk_buff *clone; 569 569 struct net_device *dev = skb->dev; 570 - struct net *net = skb_dst(skb) ? dev_net(skb_dst(skb)->dev) 571 - : dev_net(skb->dev); 572 570 struct frag_hdr *fhdr; 573 571 struct frag_queue *fq; 574 572 struct ipv6hdr *hdr;
+2 -1
net/ipv6/netfilter/nf_defrag_ipv6_hooks.c
··· 63 63 return NF_ACCEPT; 64 64 #endif 65 65 66 - reasm = nf_ct_frag6_gather(skb, nf_ct6_defrag_user(state->hook, skb)); 66 + reasm = nf_ct_frag6_gather(state->net, skb, 67 + nf_ct6_defrag_user(state->hook, skb)); 67 68 /* queued */ 68 69 if (reasm == NULL) 69 70 return NF_STOLEN;
+1 -1
net/openvswitch/conntrack.c
··· 315 315 struct sk_buff *reasm; 316 316 317 317 memset(IP6CB(skb), 0, sizeof(struct inet6_skb_parm)); 318 - reasm = nf_ct_frag6_gather(skb, user); 318 + reasm = nf_ct_frag6_gather(net, skb, user); 319 319 if (!reasm) 320 320 return -EINPROGRESS; 321 321