summaryrefslogtreecommitdiff
path: root/net/ipv6
diff options
context:
space:
mode:
authorAnsis Atteka <aatteka@nicira.com>2013-09-18 15:29:53 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2013-10-13 16:08:30 -0700
commit68a9e707892caf0fda14656963fd99c6a1c10e46 (patch)
treeef96c22ea4cfc833ecdb25a234231f5d085d8d94 /net/ipv6
parentcd176b578d356844f68176a1e0b6346c1cc9e33d (diff)
downloadlinux-3.10-68a9e707892caf0fda14656963fd99c6a1c10e46.tar.gz
linux-3.10-68a9e707892caf0fda14656963fd99c6a1c10e46.tar.bz2
linux-3.10-68a9e707892caf0fda14656963fd99c6a1c10e46.zip
ip: generate unique IP identificator if local fragmentation is allowed
[ Upstream commit 703133de331a7a7df47f31fb9de51dc6f68a9de8 ] If local fragmentation is allowed, then ip_select_ident() and ip_select_ident_more() need to generate unique IDs to ensure correct defragmentation on the peer. For example, if IPsec (tunnel mode) has to encrypt large skbs that have local_df bit set, then all IP fragments that belonged to different ESP datagrams would have used the same identificator. If one of these IP fragments would get lost or reordered, then peer could possibly stitch together wrong IP fragments that did not belong to the same datagram. This would lead to a packet loss or data corruption. Signed-off-by: Ansis Atteka <aatteka@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/sit.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 60df36d1539..bacc415287f 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -865,7 +865,7 @@ static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
iph->ttl = iph6->hop_limit;
skb->ip_summed = CHECKSUM_NONE;
- ip_select_ident(iph, skb_dst(skb), NULL);
+ ip_select_ident(skb, skb_dst(skb), NULL);
iptunnel_xmit(skb, dev);
return NETDEV_TX_OK;