[PATCH] net: Move specific fragmented packet to slow_path instead of dropping it

[Huajian Yang]

The config NF_CONNTRACK_BRIDGE will change the way fragments are processed.

Bridge does not know that it is a fragmented packet and forwards it
directly, after NF_CONNTRACK_BRIDGE is enabled, function nf_br_ip_fragment
and br_ip6_fragment will check and fraglist this packet.

This change makes layer 2 fragmented packet forwarding more similar to
ip_do_fragment, these specific packets previously dropped will go to
slow_path for further processing.

Signed-off-by: Huajian Yang <huajiany...@asrmicro.com>
---
 net/bridge/netfilter/nf_conntrack_bridge.c | 12 ++++--------
 net/ipv6/netfilter.c                       | 13 ++++---------
 2 files changed, 8 insertions(+), 17 deletions(-)

diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c 
b/net/bridge/netfilter/nf_conntrack_bridge.c
index 816bb0fde718..beac62c5d257 100644
--- a/net/bridge/netfilter/nf_conntrack_bridge.c
+++ b/net/bridge/netfilter/nf_conntrack_bridge.c
@@ -61,18 +61,14 @@ static int nf_br_ip_fragment(struct net *net, struct sock 
*sk,
                struct sk_buff *frag;
 
                if (first_len - hlen > mtu ||
-                   skb_headroom(skb) < ll_rs)
-                       goto blackhole;
-
-               if (skb_cloned(skb))
+                   (skb_headroom(skb) < ll_rs) ||
+                   skb_cloned(skb))
                        goto slow_path;
 
                skb_walk_frags(skb, frag) {
                        if (frag->len > mtu ||
-                           skb_headroom(frag) < hlen + ll_rs)
-                               goto blackhole;
-
-                       if (skb_shared(frag))
+                           (skb_headroom(frag) < hlen + ll_rs) ||
+                           skb_shared(frag))
                                goto slow_path;
                }
 
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index 581ce055bf52..29778e014560 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -165,19 +165,14 @@ int br_ip6_fragment(struct net *net, struct sock *sk, 
struct sk_buff *skb,
                struct sk_buff *frag2;
 
                if (first_len - hlen > mtu ||
-                   skb_headroom(skb) < (hroom + sizeof(struct frag_hdr)))
-                       goto blackhole;
-
-               if (skb_cloned(skb))
+                   skb_headroom(skb) < (hroom + sizeof(struct frag_hdr)) ||
+                   skb_cloned(skb))
                        goto slow_path;
 
                skb_walk_frags(skb, frag2) {
                        if (frag2->len > mtu ||
-                           skb_headroom(frag2) < (hlen + hroom + sizeof(struct 
frag_hdr)))
-                               goto blackhole;
-
-                       /* Partially cloned skb? */
-                       if (skb_shared(frag2))
+                           skb_headroom(frag2) < (hlen + hroom + sizeof(struct 
frag_hdr)) ||
+                           skb_shared(frag2))
                                goto slow_path;
                }
 
-- 
2.48.1