From: Jiri Olsa <jolsa@redhat.com> Date: Fri, 17 Sep 2010 16:40:53 -0400 Subject: [net] ipv4/defrag: check socket type before reference Message-id: <1284741653-14539-1-git-send-email-jolsa@redhat.com> Patchwork-id: 28290 O-Subject: [PATCH RHEL5] BZ 633450 ipv4 - nodefrag: check proper socket type before reference Bugzilla: 632266 RH-Acked-by: Jarod Wilson <jarod@redhat.com> RH-Acked-by: Neil Horman <nhorman@redhat.com> RH-Acked-by: David S. Miller <davem@redhat.com> Bugzilla: 632266 [RHEL5] connectathon test hangs from KVM guests with virtio network driver https://bugzilla.redhat.com/show_bug.cgi?id=632266 Description: ============ Need to check proper socket type within ip_conntrack_defrag function before referencing the nodefrag flag. The tun driver receive path produces skbs with AF_UNSPEC socket type, causing unwanted fragmented packets going out. Brew: ===== https://brewweb.devel.redhat.com/taskinfo?taskID=2768184 Tested: ======= The connectathon tests all finish correctly now. Signed-off-by: Jarod Wilson <jarod@redhat.com> diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index 453d2aa..60e14cf 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c @@ -451,9 +451,11 @@ static unsigned int ip_conntrack_defrag(unsigned int hooknum, const struct net_device *out, int (*okfn)(struct sk_buff *)) { + struct sock *sk = (*pskb)->sk; struct inet_sock *inet = inet_sk((*pskb)->sk); - if (inet && inet->nodefrag) + if (sk && (sk->sk_family == PF_INET) && + inet->nodefrag) return NF_ACCEPT; #if !defined(CONFIG_IP_NF_NAT) && !defined(CONFIG_IP_NF_NAT_MODULE)