This Linux kernel change "ipv4: ip_tunnel: use net namespace from rtable not socket" is included in the Linux 3.16.72 release. This change is authored by Hannes Frederic Sowa <hannes [at] stressinduktion.org> on Wed Apr 8 17:01:22 2015 +0200. The commit for this change in Linux stable tree is dde9f92 (patch) which is from upstream commit 926a882. The same Linux upstream change may have been applied to various maintained Linux releases and you can find all Linux releases containing changes from upstream 926a882.
ipv4: ip_tunnel: use net namespace from rtable not socket commit 926a882f6916fd76b6f8ee858d45a2241c5e7999 upstream. The socket parameter might legally be NULL, thus sock_net is sometimes causing a NULL pointer dereference. Using net_device pointer in dst_entry is more reliable. Fixes: b6a7719aedd7e5c ("ipv4: hash net ptr into fragmentation bucket selection") Reported-by: Rick Jones <[email protected]> Cc: Rick Jones <[email protected]> Cc: David S. Miller <[email protected]> Signed-off-by: Hannes Frederic Sowa <[email protected]> Signed-off-by: David S. Miller <[email protected]> Signed-off-by: Ben Hutchings <[email protected]>
There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.
net/ipv4/ip_tunnel_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv4/ip_tunnel_core.c b/net/ipv4/ip_tunnel_core.c index 8c4dcc4..ce63ab2 100644 --- a/net/ipv4/ip_tunnel_core.c +++ b/net/ipv4/ip_tunnel_core.c @@ -74,7 +74,8 @@ int iptunnel_xmit(struct sock *sk, struct rtable *rt, struct sk_buff *skb, iph->daddr = dst; iph->saddr = src; iph->ttl = ttl; - __ip_select_ident(sock_net(sk), iph, skb_shinfo(skb)->gso_segs ?: 1); + __ip_select_ident(dev_net(rt->dst.dev), iph, + skb_shinfo(skb)->gso_segs ?: 1); err = ip_local_out_sk(sk, skb); if (unlikely(net_xmit_eval(err)))