diff options
| author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2015-10-08 18:19:53 +0200 |
|---|---|---|
| committer | Sasha Levin <sasha.levin@oracle.com> | 2016-03-14 16:55:13 -0400 |
| commit | b56579ef7dc954a42a7023922ba862e3b6396d89 (patch) | |
| tree | 9d4e76deacf8538054f2ac4023ff27bc906bc4b5 | |
| parent | c8140051f74fa6e32f84cecf60b2999526acd201 (diff) | |
| download | lwn-b56579ef7dc954a42a7023922ba862e3b6396d89.tar.gz lwn-b56579ef7dc954a42a7023922ba862e3b6396d89.zip | |
ipv6: drop frames with attached skb->sk in forwarding
[ Upstream commit 9ef2e965e55481a52d6d91ce61977a27836268d3 ]
This is a clone of commit 2ab957492d13b ("ip_forward: Drop frames with
attached skb->sk") for ipv6.
This commit has exactly the same reasons as the above mentioned commit,
namely to prevent panics during netfilter reload or a misconfigured stack.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
| -rw-r--r-- | net/ipv6/ip6_output.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 7b5cb003ee22..9524b4596bf5 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -374,6 +374,9 @@ int ip6_forward(struct sk_buff *skb) if (skb->pkt_type != PACKET_HOST) goto drop; + if (unlikely(skb->sk)) + goto drop; + if (skb_warn_if_lro(skb)) goto drop; |