[PATCH 4.18 101/150] Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing"

From: Greg Kroah-Hartman
Date: Fri Nov 02 2018 - 14:42:57 EST


4.18-stable review patch. If anyone has any objections, please let me know.

------------------

This reverts commit 84379c9afe011020e797e3f50a662b08a6355dcf.

>From Florian Westphal <fw@xxxxxxxxx>:

It causes kernel crash for locally generated ipv6 fragments
when netfilter ipv6 defragmentation is used.

The faulty commit is not essential for -stable, it only
delays netns teardown for longer than needed when that netns
still has ipv6 frags queued. Much better than crash :-/

Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 2 --
1 file changed, 2 deletions(-)

diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index e4d9e6976d3c..a452d99c9f52 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -585,8 +585,6 @@ int nf_ct_frag6_gather(struct net *net, struct sk_buff *skb, u32 user)
fq->q.meat == fq->q.len &&
nf_ct_frag6_reasm(fq, skb, dev))
ret = 0;
- else
- skb_dst_drop(skb);

out_unlock:
spin_unlock_bh(&fq->q.lock);
--
2.17.1