]>
Commit | Line | Data |
---|---|---|
e1e69077 GKH |
1 | From 5701123473ef64bae0519d22f756383b55d5bb04 Mon Sep 17 00:00:00 2001 |
2 | From: Herbert Xu <herbert@gondor.apana.org.au> | |
3 | Date: Tue, 2 Mar 2010 02:51:56 +0000 | |
4 | Subject: ipsec: Fix bogus bundle flowi | |
5 | ||
6 | From: Herbert Xu <herbert@gondor.apana.org.au> | |
7 | ||
8 | [ Upstream commit 87c1e12b5eeb7b30b4b41291bef8e0b41fc3dde9 ] | |
9 | ||
10 | When I merged the bundle creation code, I introduced a bogus | |
11 | flowi value in the bundle. Instead of getting from the caller, | |
12 | it was instead set to the flow in the route object, which is | |
13 | totally different. | |
14 | ||
15 | The end result is that the bundles we created never match, and | |
16 | we instead end up with an ever growing bundle list. | |
17 | ||
18 | Thanks to Jamal for find this problem. | |
19 | ||
20 | Reported-by: Jamal Hadi Salim <hadi@cyberus.ca> | |
21 | Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> | |
22 | Acked-by: Steffen Klassert <steffen.klassert@secunet.com> | |
23 | Acked-by: Jamal Hadi Salim <hadi@cyberus.ca> | |
24 | Signed-off-by: David S. Miller <davem@davemloft.net> | |
25 | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | |
26 | --- | |
27 | include/net/xfrm.h | 3 ++- | |
28 | net/ipv4/xfrm4_policy.c | 5 +++-- | |
29 | net/ipv6/xfrm6_policy.c | 3 ++- | |
30 | net/xfrm/xfrm_policy.c | 7 ++++--- | |
31 | 4 files changed, 11 insertions(+), 7 deletions(-) | |
32 | ||
33 | --- a/include/net/xfrm.h | |
34 | +++ b/include/net/xfrm.h | |
35 | @@ -274,7 +274,8 @@ struct xfrm_policy_afinfo { | |
36 | struct dst_entry *dst, | |
37 | int nfheader_len); | |
38 | int (*fill_dst)(struct xfrm_dst *xdst, | |
39 | - struct net_device *dev); | |
40 | + struct net_device *dev, | |
41 | + struct flowi *fl); | |
42 | }; | |
43 | ||
44 | extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); | |
45 | --- a/net/ipv4/xfrm4_policy.c | |
46 | +++ b/net/ipv4/xfrm4_policy.c | |
47 | @@ -91,11 +91,12 @@ static int xfrm4_init_path(struct xfrm_d | |
48 | return 0; | |
49 | } | |
50 | ||
51 | -static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev) | |
52 | +static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev, | |
53 | + struct flowi *fl) | |
54 | { | |
55 | struct rtable *rt = (struct rtable *)xdst->route; | |
56 | ||
57 | - xdst->u.rt.fl = rt->fl; | |
58 | + xdst->u.rt.fl = *fl; | |
59 | ||
60 | xdst->u.dst.dev = dev; | |
61 | dev_hold(dev); | |
62 | --- a/net/ipv6/xfrm6_policy.c | |
63 | +++ b/net/ipv6/xfrm6_policy.c | |
64 | @@ -116,7 +116,8 @@ static int xfrm6_init_path(struct xfrm_d | |
65 | return 0; | |
66 | } | |
67 | ||
68 | -static int xfrm6_fill_dst(struct xfrm_dst *xdst, struct net_device *dev) | |
69 | +static int xfrm6_fill_dst(struct xfrm_dst *xdst, struct net_device *dev, | |
70 | + struct flowi *fl) | |
71 | { | |
72 | struct rt6_info *rt = (struct rt6_info*)xdst->route; | |
73 | ||
74 | --- a/net/xfrm/xfrm_policy.c | |
75 | +++ b/net/xfrm/xfrm_policy.c | |
76 | @@ -1354,7 +1354,8 @@ static inline int xfrm_init_path(struct | |
77 | return err; | |
78 | } | |
79 | ||
80 | -static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev) | |
81 | +static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev, | |
82 | + struct flowi *fl) | |
83 | { | |
84 | struct xfrm_policy_afinfo *afinfo = | |
85 | xfrm_policy_get_afinfo(xdst->u.dst.ops->family); | |
86 | @@ -1363,7 +1364,7 @@ static inline int xfrm_fill_dst(struct x | |
87 | if (!afinfo) | |
88 | return -EINVAL; | |
89 | ||
90 | - err = afinfo->fill_dst(xdst, dev); | |
91 | + err = afinfo->fill_dst(xdst, dev, fl); | |
92 | ||
93 | xfrm_policy_put_afinfo(afinfo); | |
94 | ||
95 | @@ -1468,7 +1469,7 @@ static struct dst_entry *xfrm_bundle_cre | |
96 | for (dst_prev = dst0; dst_prev != dst; dst_prev = dst_prev->child) { | |
97 | struct xfrm_dst *xdst = (struct xfrm_dst *)dst_prev; | |
98 | ||
99 | - err = xfrm_fill_dst(xdst, dev); | |
100 | + err = xfrm_fill_dst(xdst, dev, fl); | |
101 | if (err) | |
102 | goto free_dst; | |
103 |