Lars Persson <lists@xxxxxxx> reported that a label was unused in the 4.14 version of this patchset, and the issue was present in the 4.19 patchset as well, so I'm sending a v2 that fixes it. The original 4.19 patchset queued for stable is OK, and can be used as is, but this v2 is a bit better: it fixes the unused label issue and handles overlapping fragments better. Sorry for the mess/v2. ======================= Currently, 4.19 and earlier stable kernels contain a security fix that is not fully IPv6 standard compliant. This patchset backports IPv6 defrag fixes from 5.1rc that restore standard-compliance. Original 5.1 patchet: https://patchwork.ozlabs.org/cover/1029418/ v2 changes: handle overlapping fragments the way it is done upstream Peter Oskolkov (3): net: IP defrag: encapsulate rbtree defrag code into callable functions net: IP6 defrag: use rbtrees for IPv6 defrag net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c include/net/inet_frag.h | 16 +- include/net/ipv6_frag.h | 11 +- net/ipv4/inet_fragment.c | 293 +++++++++++++++++++++++ net/ipv4/ip_fragment.c | 302 +++--------------------- net/ipv6/netfilter/nf_conntrack_reasm.c | 260 ++++++-------------- net/ipv6/reassembly.c | 240 ++++++------------- 6 files changed, 488 insertions(+), 634 deletions(-) -- 2.21.0.593.g511ec345e18-goog
