From patchwork Mon Dec  1 08:58:55 2008
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: lro: IP fragment checking
Date: Sun, 30 Nov 2008 22:58:55 -0000
From: Jan-Bernd Themann <ossthema@de.ibm.com>
X-Patchwork-Id: 11537
Message-Id: <4933A74F.3050809@de.ibm.com>
To: David Miller <davem@davemloft.net>
Cc: netdev@vger.kernel.org,
 linux-kernel <linux-kernel@vger.kernel.org>, tklein@de.ibm.com,
 Christoph Raisch <raisch@de.ibm.com>, jb.billaud@gmail.com,
 hering2@de.ibm.com

This patch prevents that ip fragmented TCP packets are considered vaild
for aggregation

Regards,

Jan-Bernd

---
net/ipv4/inet_lro.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/net/ipv4/inet_lro.c b/net/ipv4/inet_lro.c
index cfd034a..1f9159d 100644
--- a/net/ipv4/inet_lro.c
+++ b/net/ipv4/inet_lro.c
@@ -64,6 +64,9 @@ static int lro_tcp_ip_check(struct iphdr *iph, struct tcphdr *tcph,
 	if (iph->ihl != IPH_LEN_WO_OPTIONS)
 		return -1;
 
+	if (iph->frag_off & IP_MF)
+		return -1;
+
 	if (tcph->cwr || tcph->ece || tcph->urg || !tcph->ack
 	    || tcph->rst || tcph->syn || tcph->fin)
 		return -1;