[patch 43/54] IPSEC: Fix panic when using inter address familiy IPsec on loopback.

From: Chris Wright
Date: Fri Jun 08 2007 - 03:58:45 EST

Next message: Chris Wright: "[patch 22/54] ntfs_init_locked_inode(): fix array indexing"
Previous message: Chris Wright: "[patch 42/54] NET: parse ip:port strings correctly in in4_pton"
In reply to: Chris Wright: "[patch 42/54] NET: parse ip:port strings correctly in in4_pton"
Next in thread: Chris Wright: "[patch 22/54] ntfs_init_locked_inode(): fix array indexing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-stable review patch. If anyone has any objections, please let us know.
---------------------

From: Kazunori MIYAZAWA <kazunori@xxxxxxxxxxxx>

---
net/ipv4/xfrm4_input.c | 6 ++----
net/ipv4/xfrm4_mode_tunnel.c | 2 ++
net/ipv6/xfrm6_input.c | 6 ++----
net/ipv6/xfrm6_mode_tunnel.c | 1 +
4 files changed, 7 insertions(+), 8 deletions(-)

--- linux-2.6.21.4.orig/net/ipv4/xfrm4_input.c
+++ linux-2.6.21.4/net/ipv4/xfrm4_input.c
@@ -138,10 +138,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb,
nf_reset(skb);

if (decaps) {
- if (!(skb->dev->flags&IFF_LOOPBACK)) {
- dst_release(skb->dst);
- skb->dst = NULL;
- }
+ dst_release(skb->dst);
+ skb->dst = NULL;
netif_rx(skb);
return 0;
} else {
--- linux-2.6.21.4.orig/net/ipv4/xfrm4_mode_tunnel.c
+++ linux-2.6.21.4/net/ipv4/xfrm4_mode_tunnel.c
@@ -84,6 +84,8 @@ static int xfrm4_tunnel_output(struct xf
top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4;

+ skb->protocol = htons(ETH_P_IP);
+
memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
return 0;
}
--- linux-2.6.21.4.orig/net/ipv6/xfrm6_input.c
+++ linux-2.6.21.4/net/ipv6/xfrm6_input.c
@@ -104,10 +104,8 @@ int xfrm6_rcv_spi(struct sk_buff *skb, _
nf_reset(skb);

if (decaps) {
- if (!(skb->dev->flags&IFF_LOOPBACK)) {
- dst_release(skb->dst);
- skb->dst = NULL;
- }
+ dst_release(skb->dst);
+ skb->dst = NULL;
netif_rx(skb);
return -1;
} else {
--- linux-2.6.21.4.orig/net/ipv6/xfrm6_mode_tunnel.c
+++ linux-2.6.21.4/net/ipv6/xfrm6_mode_tunnel.c
@@ -80,6 +80,7 @@ static int xfrm6_tunnel_output(struct xf
top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
+ skb->protocol = htons(ETH_P_IPV6);
return 0;
}

--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Wright: "[patch 22/54] ntfs_init_locked_inode(): fix array indexing"
Previous message: Chris Wright: "[patch 42/54] NET: parse ip:port strings correctly in in4_pton"
In reply to: Chris Wright: "[patch 42/54] NET: parse ip:port strings correctly in in4_pton"
Next in thread: Chris Wright: "[patch 22/54] ntfs_init_locked_inode(): fix array indexing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]