Upstream commit:
ipv4: Pass struct net into ip_defrag and ip_check_defrag
The function ip_defrag is called on both the input and the output
paths of the networking stack. In particular conntrack when it is
tracking outbound packets from the local machine calls ip_defrag.
So add a struct net parameter and stop making ip_defrag guess which
network namespace it needs to defragment packets in.
Signed-off-by: "Eric W. Biederman" <ebied...@xmission.com>
Acked-by: Pablo Neira Ayuso <pa...@netfilter.org>
Signed-off-by: David S. Miller <da...@davemloft.net>
Upstream: 19bcf9f203c8 ("ipv4: Pass struct net into ip_defrag and
ip_check_defrag")
Signed-off-by: Joe Stringer <j...@ovn.org>
---
v2: Initial Post.
---
acinclude.m4 | 2 ++
datapath/conntrack.c | 2 +-
datapath/linux/compat/include/net/ip.h | 8 ++++++--
datapath/linux/compat/ip_fragment.c | 3 +--
4 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/acinclude.m4 b/acinclude.m4
index 398205673951..6cfb1e53ef7f 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -372,6 +372,8 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [
OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [inet_get_local_port_range.*net],
[OVS_DEFINE([HAVE_INET_GET_LOCAL_PORT_RANGE_USING_NET])])
+ OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_defrag.*net],
+ [OVS_DEFINE([HAVE_IP_DEFRAG_TAKES_NET])])
OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_do_fragment])
OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_is_fragment])
OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_skb_dst_mtu])
diff --git a/datapath/conntrack.c b/datapath/conntrack.c
index c365e2e205a7..548a05fc244e 100644
--- a/datapath/conntrack.c
+++ b/datapath/conntrack.c
@@ -322,7 +322,7 @@ static int handle_fragments(struct net *net, struct
sw_flow_key *key,
int err;
memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
- err = ip_defrag(skb, user);
+ err = ip_defrag(net, skb, user);
if (err)
return err;
diff --git a/datapath/linux/compat/include/net/ip.h
b/datapath/linux/compat/include/net/ip.h
index 54532de205c3..0fb13913eecd 100644
--- a/datapath/linux/compat/include/net/ip.h
+++ b/datapath/linux/compat/include/net/ip.h
@@ -116,7 +116,7 @@ static inline int rpl_ip_do_fragment(struct sock *sk,
struct sk_buff *skb,
#define ip_do_fragment rpl_ip_do_fragment
#endif /* IP_DO_FRAGMENT */
-int rpl_ip_defrag(struct sk_buff *skb, u32 user);
+int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user);
#define ip_defrag rpl_ip_defrag
int __init rpl_ipfrag_init(void);
void rpl_ipfrag_fini(void);
@@ -127,10 +127,14 @@ void rpl_ipfrag_fini(void);
* ("inet: frag: Always orphan skbs inside ip_defrag()"), but it should be
* always included in kernels 4.5+. */
#if LINUX_VERSION_CODE < KERNEL_VERSION(4,5,0)
-static inline int rpl_ip_defrag(struct sk_buff *skb, u32 user)
+static inline int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user)
{
skb_orphan(skb);
+#ifndef HAVE_IP_DEFRAG_TAKES_NET
return ip_defrag(skb, user);
+#else
+ return ip_defrag(net, skb, user);
+#endif
}
#define ip_defrag rpl_ip_defrag
#endif
diff --git a/datapath/linux/compat/ip_fragment.c
b/datapath/linux/compat/ip_fragment.c
index 66b56aa4cfda..8d01088abc0a 100644
--- a/datapath/linux/compat/ip_fragment.c
+++ b/datapath/linux/compat/ip_fragment.c
@@ -674,11 +674,10 @@ out_fail:
}
/* Process an incoming IP datagram fragment. */
-int rpl_ip_defrag(struct sk_buff *skb, u32 user)
+int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user)
{
struct net_device *dev = skb->dev ? : skb_dst(skb)->dev;
int vif = vrf_master_ifindex_rcu(dev);
- struct net *net = dev_net(dev);
struct ipq *qp;
IP_INC_STATS_BH(net, IPSTATS_MIB_REASMREQDS);
--
2.1.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
