net: clear local_df when passing skb between namespaces

[ Upstream commit 239c78db9c41a8f524cce60507440d72229d73bc ]

We must clear local_df when passing the skb between namespaces as the
packet is not local to the new namespace any more and thus may not get
fragmented by local rules. Fred Templin noticed that other namespaces
do fragment IPv6 packets while forwarding. Instead they should have send
back a PTB.

The same problem should be present when forwarding DF-IPv4 packets
between namespaces.

Reported-by: Templin, Fred L <Fred.L.Templin@boeing.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index c28c7fed0d0b6dad97faf95c404bde1efb9b11f3..743e6ebf5f9fef0364cd71e52c0c5b19c687410c 100644 (file)
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -3541,6 +3541,7 @@ void skb_scrub_packet(struct sk_buff *skb, bool xnet)
        skb->tstamp.tv64 = 0;
        skb->pkt_type = PACKET_HOST;
        skb->skb_iif = 0;
+       skb->local_df = 0;
        skb_dst_drop(skb);
        skb->mark = 0;
        secpath_reset(skb);