From: Shmulik Ladkani <shmu...@metanetworks.com> Date: Mon, 29 Apr 2019 16:39:30 +0300
> Previously, during fragmentation after forwarding, skb->skb_iif isn't > preserved, i.e. 'ip_copy_metadata' does not copy skb_iif from given > 'from' skb. > > As a result, ip_do_fragment's creates fragments with zero skb_iif, > leading to inconsistent behavior. > > Assume for example an eBPF program attached at tc egress (post > forwarding) that examines __sk_buff->ingress_ifindex: > - the correct iif is observed if forwarding path does not involve > fragmentation/refragmentation > - a bogus iif is observed if forwarding path involves > fragmentation/refragmentatiom > > Fix, by preserving skb_iif during 'ip_copy_metadata'. > > Signed-off-by: Shmulik Ladkani <shmulik.ladk...@gmail.com> Applied and queued up for -stable.
