git.baikalelectronics.ru Git - kernel.git/commit

author	Steffen Klassert <steffen.klassert@secunet.com>
	Tue, 17 Jun 2008 23:37:13 +0000 (16:37 -0700)
committer	David S. Miller <davem@davemloft.net>
	Tue, 17 Jun 2008 23:38:23 +0000 (16:38 -0700)
commit	70fd398de908c13b7cc86c66be393767e1fb3adb
tree	5069eb9f5b9c9f881fb42dc0e2c347ef7b45036f	tree \| snapshot
parent	37a723e577122f775d43c6756f7cda5e976d3908	commit \| diff

xfrm: fix fragmentation for ipv4 xfrm tunnel

When generating the ip header for the transformed packet we just copy
the frag_off field of the ip header from the original packet to the ip
header of the new generated packet. If we receive a packet as a chain
of fragments, all but the last of the new generated packets have the
IP_MF flag set. We have to mask the frag_off field to only keep the
IP_DF flag from the original packet. This got lost with git commit
12f121bcabfd5412e9704a2a1cd3ad9832ab3654 ("[IPSEC]: Separate
inner/outer mode processing on output")

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>