Re: [PATCH] Fix ip6_build

To:	jgrimm2@xxxxxxxxxx
Subject:	Re: [PATCH] Fix ip6_build_xmit bug
From:	"David S. Miller" <davem@xxxxxxxxxx>
Date:	Sun, 23 Mar 2003 01:22:29 -0800 (PST)
Cc:	linux-net@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to:	<3E7BAC7E.AEC59251@xxxxxxxxxx>
References:	<3E7BAC7E.AEC59251@xxxxxxxxxx>
Sender:	netdev-bounce@xxxxxxxxxxx

   From: Jon Grimm <jgrimm2@xxxxxxxxxx>
   Date: Fri, 21 Mar 2003 18:21:18 -0600

   Looks like ip6_build_xmit does not allocate room for the
   dev->hard_header_len on the non-fragmentation path as is done in other
   places.  The hard header len gets reserved even though room was not
   allocated for it.  Consequenetly, the put of the raw data can overflow
   the skb. 

   Patch below for your consideration.

Applied, but with a minor fix.  We now have a LL_RESERVED_SPACE(dev)
macro in include/linux/netdevice.h that gets this formula correct
and thus I have used it.

Thanks.

And yes we do know things are still slightly broken with ipv6
fragmentation wrt. IPSEC, and that is being actively worked on.
The IPV4 output path hacks just need to be duplicated into ipv6
before that will start working reliably.

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH] Fix ip6_build_xmit bug, Jon Grimm ip6sec MTU/fragmentation issue / Was: Re: [PATCH] Fix ip6_build_xmit bug, bert hubert Re: [PATCH] Fix ip6_build_xmit bug, David S. Miller <=

Previous by Date:	Re: [PATCH] (Updated) IPSec: IPv6 source address not set correctly in xfrm_state, David S. Miller
Next by Date:	ipv6 ipsec tunnel mode produces broken packets, Wichert Akkerman
Previous by Thread:	ip6sec MTU/fragmentation issue / Was: Re: [PATCH] Fix ip6_build_xmit bug, bert hubert
Next by Thread:	[BK PATCH] net driver merges, Jeff Garzik
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: [PATCH] Fix ip6_build_xmit bug