From: Jiri Pirko <jpirko@redhat.com>
Date: Mon, 8 Nov 2010 20:19:39 -0500
Subject: [net] sctp: do not reset packet during sctp_packet_config
Message-id: <20101108201938.GA2642@psychotron.redhat.com>
Patchwork-id: 29068
O-Subject: [RHEL5.6 patch] BZ637867 net: sctp: Do not reset the packet during
	sctp_packet_config().
Bugzilla: 637867
RH-Acked-by: David S. Miller <davem@redhat.com>
RH-Acked-by: Jiri Olsa <jolsa@redhat.com>
RH-Acked-by: Ivan Vecera <ivecera@redhat.com>
RH-Acked-by: Thomas Graf <tgraf@redhat.com>

BZ637867
https://bugzilla.redhat.com/show_bug.cgi?id=637867

Description:
sctp_packet_config() is called when getting the packet ready
for appending of chunks.  The function should not touch the
current state, since it's possible to ping-pong between two
transports when sending, and that can result packet corruption
followed by skb overlfow crash.

Upstream:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=4bdab43323b459900578b200a4b8cf9713ac8fab

Brew:
https://brewweb.devel.redhat.com/taskinfo?taskID=2879189

Jirka

Signed-off-by: Jiri Pirko <jpirko@redhat.com>
Signed-off-by: Jarod Wilson <jarod@redhat.com>

diff --git a/net/sctp/output.c b/net/sctp/output.c
index ce896e1..f0a6f3b 100644
--- a/net/sctp/output.c
+++ b/net/sctp/output.c
@@ -77,9 +77,6 @@ struct sctp_packet *sctp_packet_config(struct sctp_packet *packet,
 			  packet, vtag);
 
 	packet->vtag = vtag;
-	packet->has_cookie_echo = 0;
-	packet->has_sack = 0;
-	packet->ipfragok = 0;
 
 	if (ecn_capable && sctp_packet_empty(packet)) {
 		chunk = sctp_get_ecne_prepend(packet->transport->asoc);