From 39c0ff22171091ab7eeb021070ba7a751ac10637 Mon Sep 17 00:00:00 2001 From: Joe Stringer Date: Mon, 2 May 2016 11:19:11 -0700 Subject: [PATCH] compat: ipv4: Pass struct net into ip_defrag. Upstream commit: ipv4: Pass struct net into ip_defrag and ip_check_defrag The function ip_defrag is called on both the input and the output paths of the networking stack. In particular conntrack when it is tracking outbound packets from the local machine calls ip_defrag. So add a struct net parameter and stop making ip_defrag guess which network namespace it needs to defragment packets in. Signed-off-by: "Eric W. Biederman" Acked-by: Pablo Neira Ayuso Signed-off-by: David S. Miller Upstream: 19bcf9f203c8 ("ipv4: Pass struct net into ip_defrag and ip_check_defrag") Signed-off-by: Joe Stringer Acked-by: Jesse Gross --- acinclude.m4 | 2 ++ datapath/conntrack.c | 2 +- datapath/linux/compat/include/net/ip.h | 8 ++++++-- datapath/linux/compat/ip_fragment.c | 3 +-- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/acinclude.m4 b/acinclude.m4 index 398205673..6cfb1e53e 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -372,6 +372,8 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [ OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [inet_get_local_port_range.*net], [OVS_DEFINE([HAVE_INET_GET_LOCAL_PORT_RANGE_USING_NET])]) + OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_defrag.*net], + [OVS_DEFINE([HAVE_IP_DEFRAG_TAKES_NET])]) OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_do_fragment]) OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_is_fragment]) OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_skb_dst_mtu]) diff --git a/datapath/conntrack.c b/datapath/conntrack.c index c365e2e20..548a05fc2 100644 --- a/datapath/conntrack.c +++ b/datapath/conntrack.c @@ -322,7 +322,7 @@ static int handle_fragments(struct net *net, struct sw_flow_key *key, int err; memset(IPCB(skb), 0, sizeof(struct inet_skb_parm)); - err = ip_defrag(skb, user); + err = ip_defrag(net, skb, user); if (err) return err; diff --git a/datapath/linux/compat/include/net/ip.h b/datapath/linux/compat/include/net/ip.h index 54532de20..0fb13913e 100644 --- a/datapath/linux/compat/include/net/ip.h +++ b/datapath/linux/compat/include/net/ip.h @@ -116,7 +116,7 @@ static inline int rpl_ip_do_fragment(struct sock *sk, struct sk_buff *skb, #define ip_do_fragment rpl_ip_do_fragment #endif /* IP_DO_FRAGMENT */ -int rpl_ip_defrag(struct sk_buff *skb, u32 user); +int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user); #define ip_defrag rpl_ip_defrag int __init rpl_ipfrag_init(void); void rpl_ipfrag_fini(void); @@ -127,10 +127,14 @@ void rpl_ipfrag_fini(void); * ("inet: frag: Always orphan skbs inside ip_defrag()"), but it should be * always included in kernels 4.5+. */ #if LINUX_VERSION_CODE < KERNEL_VERSION(4,5,0) -static inline int rpl_ip_defrag(struct sk_buff *skb, u32 user) +static inline int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user) { skb_orphan(skb); +#ifndef HAVE_IP_DEFRAG_TAKES_NET return ip_defrag(skb, user); +#else + return ip_defrag(net, skb, user); +#endif } #define ip_defrag rpl_ip_defrag #endif diff --git a/datapath/linux/compat/ip_fragment.c b/datapath/linux/compat/ip_fragment.c index 66b56aa4c..8d01088ab 100644 --- a/datapath/linux/compat/ip_fragment.c +++ b/datapath/linux/compat/ip_fragment.c @@ -674,11 +674,10 @@ out_fail: } /* Process an incoming IP datagram fragment. */ -int rpl_ip_defrag(struct sk_buff *skb, u32 user) +int rpl_ip_defrag(struct net *net, struct sk_buff *skb, u32 user) { struct net_device *dev = skb->dev ? : skb_dst(skb)->dev; int vif = vrf_master_ifindex_rcu(dev); - struct net *net = dev_net(dev); struct ipq *qp; IP_INC_STATS_BH(net, IPSTATS_MIB_REASMREQDS); -- 2.39.5