projects / linux-flexiantxendom0-natty.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ipv6: make fragment identifications less predictable, CVE-2011-2699
[linux-flexiantxendom0-natty.git] / include / net / ipv6.h
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 96e50e0..24175cf 100644 (file)
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -460,17 +460,7 @@ static inline int ipv6_addr_diff(const struct in6_addr *a1, const struct in6_add
        return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
 }
 
-static __inline__ void ipv6_select_ident(struct frag_hdr *fhdr)
-{
-       static u32 ipv6_fragmentation_id = 1;
-       static DEFINE_SPINLOCK(ip6_id_lock);
-
-       spin_lock_bh(&ip6_id_lock);
-       fhdr->identification = htonl(ipv6_fragmentation_id);
-       if (++ipv6_fragmentation_id == 0)
-               ipv6_fragmentation_id = 1;
-       spin_unlock_bh(&ip6_id_lock);
-}
+extern void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt);
 
 /*
  *     Prototypes exported by ipv6
Port of xen3.3 xenlinux code to Ubuntu Natty kernel