On Feb 1, 2013, at 6:58 PM, Jesse Gross <je...@nicira.com> wrote: > Some tunnel code in OVS (for example, CAPWAP) uses the skb->cb to > store information while processing packets. However, if we don't > find an appropriate tunnel port on receive, then we send an ICMP > port unreachable message, which calls back into the IP stack. The > stack assumes that skb->cb will still contain valid information > about from the IP layer, including any IP options. As a result, > icmp_echo_options() can read the garbage values from STT and > overwrite data on the stack, panicing the machine. > > This simply stops sending ICMP messages when ports are not found. > Many people find them confusing and flow based tunneling will > never send them (since it always finds a port) so it solves both > problems at once. > > Bug #14880 > > Reported-by: Deepesh Govindan <dgovin...@nicira.com> > Signed-off-by: Jesse Gross <je...@nicira.com>
Looks straightforward enough to me, thanks for the nice explanation Jesse. Acked-by: Kyle Mestery <kmest...@cisco.com> _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
