releases/2.6.20.14/ipsec-fix-panic-when-using-inter-address-familiy-ipsec-on-loopback.patch

   1 From stable-bounces@linux.kernel.org  Wed Jun  6 22:41:41 2007
   2 Date: Wed, 06 Jun 2007 22:41:52 -0700 (PDT)
   3 Message-Id: <20070606.224152.68156938.davem@davemloft.net>
   4 To: stable@kernel.org
   5 From: David Miller <davem@davemloft.net>
   6 Cc: bunk@stusta.de
   7 Subject: IPSEC: Fix panic when using inter address familiy IPsec on loopback.
   8
   9 From: Kazunori MIYAZAWA <kazunori@miyazawa.org>
  10
  11 Signed-off-by: Kazunori MIYAZAWA <kazunori@miyazawa.org>
  12 Signed-off-by: David S. Miller <davem@davemloft.net>
  13 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
  14
  15 ---
  16  net/ipv4/xfrm4_input.c       |    6 ++----
  17  net/ipv4/xfrm4_mode_tunnel.c |    2 ++
  18  net/ipv6/xfrm6_input.c       |    6 ++----
  19  net/ipv6/xfrm6_mode_tunnel.c |    1 +
  20  4 files changed, 7 insertions(+), 8 deletions(-)
  21
  22 --- linux-2.6.20.13.orig/net/ipv4/xfrm4_input.c
  23 +++ linux-2.6.20.13/net/ipv4/xfrm4_input.c
  24 @@ -136,10 +136,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb,
  25         nf_reset(skb);
  26
  27         if (decaps) {
  28 -               if (!(skb->dev->flags&IFF_LOOPBACK)) {
  29 -                       dst_release(skb->dst);
  30 -                       skb->dst = NULL;
  31 -               }
  32 +               dst_release(skb->dst);
  33 +               skb->dst = NULL;
  34                 netif_rx(skb);
  35                 return 0;
  36         } else {
  37 --- linux-2.6.20.13.orig/net/ipv4/xfrm4_mode_tunnel.c
  38 +++ linux-2.6.20.13/net/ipv4/xfrm4_mode_tunnel.c
  39 @@ -66,6 +66,8 @@ static int xfrm4_tunnel_output(struct xf
  40         top_iph->daddr = x->id.daddr.a4;
  41         top_iph->protocol = IPPROTO_IPIP;
  42
  43 +       skb->protocol = htons(ETH_P_IP);
  44 +
  45         memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
  46         return 0;
  47  }
  48 --- linux-2.6.20.13.orig/net/ipv6/xfrm6_input.c
  49 +++ linux-2.6.20.13/net/ipv6/xfrm6_input.c
  50 @@ -103,10 +103,8 @@ int xfrm6_rcv_spi(struct sk_buff *skb, _
  51         nf_reset(skb);
  52
  53         if (decaps) {
  54 -               if (!(skb->dev->flags&IFF_LOOPBACK)) {
  55 -                       dst_release(skb->dst);
  56 -                       skb->dst = NULL;
  57 -               }
  58 +               dst_release(skb->dst);
  59 +               skb->dst = NULL;
  60                 netif_rx(skb);
  61                 return -1;
  62         } else {
  63 --- linux-2.6.20.13.orig/net/ipv6/xfrm6_mode_tunnel.c
  64 +++ linux-2.6.20.13/net/ipv6/xfrm6_mode_tunnel.c
  65 @@ -65,6 +65,7 @@ static int xfrm6_tunnel_output(struct xf
  66         top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
  67         ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
  68         ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
  69 +       skb->protocol = htons(ETH_P_IPV6);
  70         return 0;
  71  }
  72