From: Jon Grimm <jgrimm2@us.ibm.com> Date: Fri, 21 Mar 2003 18:21:18 -0600 Looks like ip6_build_xmit does not allocate room for the dev->hard_header_len on the non-fragmentation path as is done in other places. The hard header len gets reserved even though room was not allocated for it. Consequenetly, the put of the raw data can overflow the skb. Patch below for your consideration. Applied, but with a minor fix. We now have a LL_RESERVED_SPACE(dev) macro in include/linux/netdevice.h that gets this formula correct and thus I have used it. Thanks. And yes we do know things are still slightly broken with ipv6 fragmentation wrt. IPSEC, and that is being actively worked on. The IPV4 output path hacks just need to be duplicated into ipv6 before that will start working reliably. - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
