On Feb 1, 2013, at 6:58 PM, Jesse Gross <[email protected]> wrote: > Some tunnel code in OVS (for example, CAPWAP) uses the skb->cb to > store information while processing packets. However, if we don't > find an appropriate tunnel port on receive, then we send an ICMP > port unreachable message, which calls back into the IP stack. The > stack assumes that skb->cb will still contain valid information > about from the IP layer, including any IP options. As a result, > icmp_echo_options() can read the garbage values from STT and > overwrite data on the stack, panicing the machine. > > This simply stops sending ICMP messages when ports are not found. > Many people find them confusing and flow based tunneling will > never send them (since it always finds a port) so it solves both > problems at once. > > Bug #14880 > > Reported-by: Deepesh Govindan <[email protected]> > Signed-off-by: Jesse Gross <[email protected]>
Looks straightforward enough to me, thanks for the nice explanation Jesse. Acked-by: Kyle Mestery <[email protected]> _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
