[NETNS]: Process IP layer in the context of the correct namespace.

	if ((qp->q.last_in&FIRST_IN) && qp->q.fragments != NULL) {

	if ((qp->q.last_in&FIRST_IN) && qp->q.fragments != NULL) {

		struct sk_buff *head = qp->q.fragments;

		struct sk_buff *head = qp->q.fragments;

		struct net *net;

		net = container_of(qp->q.net, struct net, ipv4.frags);

		/* Send an ICMP "Fragment Reassembly Timeout" message. */

		/* Send an ICMP "Fragment Reassembly Timeout" message. */

		if ((head->dev = dev_get_by_index(&init_net, qp->iif)) != NULL) {

		if ((head->dev = dev_get_by_index(net, qp->iif)) != NULL) {

			icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0);

			icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0);

			dev_put(head->dev);

			dev_put(head->dev);

		}

		}

	struct ip_ra_chain *ra;

	struct ip_ra_chain *ra;

	u8 protocol = ip_hdr(skb)->protocol;

	u8 protocol = ip_hdr(skb)->protocol;

	struct sock *last = NULL;

	struct sock *last = NULL;

	struct net_device *dev = skb->dev;

	read_lock(&ip_ra_lock);

	read_lock(&ip_ra_lock);

	for (ra = ip_ra_chain; ra; ra = ra->next) {

	for (ra = ip_ra_chain; ra; ra = ra->next) {

		 */

		 */

		if (sk && inet_sk(sk)->num == protocol &&

		if (sk && inet_sk(sk)->num == protocol &&

		    (!sk->sk_bound_dev_if ||

		    (!sk->sk_bound_dev_if ||

		     sk->sk_bound_dev_if == skb->dev->ifindex)) {

		     sk->sk_bound_dev_if == dev->ifindex) &&

		    sk->sk_net == dev->nd_net) {

			if (ip_hdr(skb)->frag_off & htons(IP_MF | IP_OFFSET)) {

			if (ip_hdr(skb)->frag_off & htons(IP_MF | IP_OFFSET)) {

				if (ip_defrag(skb, IP_DEFRAG_CALL_RA_CHAIN)) {

				if (ip_defrag(skb, IP_DEFRAG_CALL_RA_CHAIN)) {

					read_unlock(&ip_ra_lock);

					read_unlock(&ip_ra_lock);

	opt = &(IPCB(skb)->opt);

	opt = &(IPCB(skb)->opt);

	opt->optlen = iph->ihl*4 - sizeof(struct iphdr);

	opt->optlen = iph->ihl*4 - sizeof(struct iphdr);

	if (ip_options_compile(&init_net, opt, skb)) {

	if (ip_options_compile(dev->nd_net, opt, skb)) {

		IP_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS);

		IP_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS);

		goto drop;

		goto drop;

	}

	}

						__be32 addr;

						__be32 addr;

						memcpy(&addr, sptr+soffset-1, 4);

						memcpy(&addr, sptr+soffset-1, 4);

						if (inet_addr_type(&init_net, addr) != RTN_LOCAL) {

						if (inet_addr_type(skb->dst->dev->nd_net, addr) != RTN_LOCAL) {

							dopt->ts_needtime = 1;

							dopt->ts_needtime = 1;

							soffset += 8;

							soffset += 8;

						}

						}

			 * itself out.

			 * itself out.

			 */

			 */

			security_sk_classify_flow(sk, &fl);

			security_sk_classify_flow(sk, &fl);

			if (ip_route_output_flow(&init_net, &rt, &fl, sk, 0))

			if (ip_route_output_flow(sk->sk_net, &rt, &fl, sk, 0))

				goto no_route;

				goto no_route;

		}

		}

		sk_setup_caps(sk, &rt->u.dst);

		sk_setup_caps(sk, &rt->u.dst);

		struct ip_options * opt = NULL;

		struct ip_options * opt = NULL;

		if (optlen > 40 || optlen < 0)

		if (optlen > 40 || optlen < 0)

			goto e_inval;

			goto e_inval;

		err = ip_options_get_from_user(&init_net, &opt, optval, optlen);

		err = ip_options_get_from_user(sk->sk_net, &opt,

					       optval, optlen);

		if (err)

		if (err)

			break;

			break;

		if (inet->is_icsk) {

		if (inet->is_icsk) {

				err = 0;

				err = 0;

				break;

				break;

			}

			}

			dev = ip_dev_find(&init_net, mreq.imr_address.s_addr);

			dev = ip_dev_find(sk->sk_net, mreq.imr_address.s_addr);

			if (dev) {

			if (dev) {

				mreq.imr_ifindex = dev->ifindex;

				mreq.imr_ifindex = dev->ifindex;

				dev_put(dev);

				dev_put(dev);

			}

			}

		} else

		} else

			dev = __dev_get_by_index(&init_net, mreq.imr_ifindex);

			dev = __dev_get_by_index(sk->sk_net, mreq.imr_ifindex);

		err = -EADDRNOTAVAIL;

		err = -EADDRNOTAVAIL;