On Fri, Feb 1, 2013 at 5:04 PM, Kyle Mestery (kmestery)
<kmest...@cisco.com> wrote:
> On Feb 1, 2013, at 6:58 PM, Jesse Gross <je...@nicira.com> wrote:
>> Some tunnel code in OVS (for example, CAPWAP) uses the skb->cb to
>> store information while processing packets.  However, if we don't
>> find an appropriate tunnel port on receive, then we send an ICMP
>> port unreachable message, which calls back into the IP stack.  The
>> stack assumes that skb->cb will still contain valid information
>> from the IP layer, including any IP options.  As a result,
>> icmp_echo_options() can read the garbage values from STT and
>> overwrite data on the stack, panicking the machine.
>>
>> This simply stops sending ICMP messages when ports are not found.
>> Many people find them confusing and flow based tunneling will
>> never send them (since it always finds a port) so it solves both
>> problems at once.
>>
>> Bug #14880
>>
>> Reported-by: Deepesh Govindan <dgovin...@nicira.com>
>> Signed-off-by: Jesse Gross <je...@nicira.com>
>
>
> Looks straightforward enough to me, thanks for the nice explanation
> Jesse.
>
> Acked-by: Kyle Mestery <kmest...@cisco.com>

Thanks for the review Kyle, I applied this patch.
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
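
The control-block aliasing described in the commit message, as an added userspace illustration; it is not code from the patch or from Open vSwitch. The struct layouts, function names and the fill value are hypothetical, and no out-of-bounds copy is performed: the functions only report the length a reply path would use.

```c
#include <stdint.h>
#include <string.h>

#define CB_SIZE     48  /* size of the per-packet scratch area (skb->cb) */
#define MAX_IP_OPTS 40  /* an IPv4 header carries at most 40 option bytes */

/* Hypothetical, simplified views of the same cb bytes. */
struct ip_cb  { uint8_t optlen; uint8_t rest[15]; };  /* IP layer's view */
struct tnl_cb { uint8_t state[16]; };                 /* tunnel's view */

struct pkt { uint8_t cb[CB_SIZE]; };

/* IP receive: records the (validated) option length in cb. */
void ip_rcv(struct pkt *p, uint8_t optlen) {
    struct ip_cb c = { .optlen = optlen };
    memset(p->cb, 0, CB_SIZE);
    memcpy(p->cb, &c, sizeof c);
}

/* Tunnel receive: reuses cb for its own state, destroying the IP view. */
void tunnel_rcv(struct pkt *p, uint8_t fill) {
    struct tnl_cb t;
    memset(&t, fill, sizeof t);
    memcpy(p->cb, &t, sizeof t);
}

/* Length the ICMP reply path would copy into a MAX_IP_OPTS-byte stack
 * buffer if it trusts cb. No copy is performed here. */
int echo_optlen_trusting(const struct pkt *p) {
    struct ip_cb c;
    memcpy(&c, p->cb, sizeof c);
    return c.optlen;
}

/* Defensive variant: reject a length no IPv4 header could contain. */
int echo_optlen_checked(const struct pkt *p) {
    int len = echo_optlen_trusting(p);
    return len > MAX_IP_OPTS ? -1 : len;
}

/* Restore the IP layer's invariant before calling back into the stack. */
void reset_cb_for_ip(struct pkt *p) { memset(p->cb, 0, CB_SIZE); }

int main(void) {
    struct pkt p;
    ip_rcv(&p, 8);
    tunnel_rcv(&p, 0xC8);                 /* constructed tunnel state */
    int bad = echo_optlen_trusting(&p);   /* stale cb, out of range */
    reset_cb_for_ip(&p);
    return (bad > MAX_IP_OPTS && echo_optlen_trusting(&p) == 0) ? 0 : 1;
}
```

The range check alone does not restore correctness, because leftover tunnel state can also decode to a length of 40 or less; the layer that overwrote the control block has to reset it, or, as in the patch discussed above, not call back into the IP stack at all.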
