releases/2.6.21.5/ipsec-fix-panic-when-using-inter-address-familiy-ipsec-on-loopback.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From stable-bounces@linux.kernel.org  Wed Jun  6 22:41:41 2007
 Date: Wed, 06 Jun 2007 22:41:52 -0700 (PDT)
 Message-Id: <20070606.224152.68156938.davem@davemloft.net>
 To: stable@kernel.org
 From: David Miller <davem@davemloft.net>
 Cc: bunk@stusta.de
 Subject: IPSEC: Fix panic when using inter address familiy IPsec on loopback.

 From: Kazunori MIYAZAWA <kazunori@miyazawa.org>

 Signed-off-by: Kazunori MIYAZAWA <kazunori@miyazawa.org>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

 ---
  net/ipv4/xfrm4_input.c       |    6 ++----
  net/ipv4/xfrm4_mode_tunnel.c |    2 ++
  net/ipv6/xfrm6_input.c       |    6 ++----
  net/ipv6/xfrm6_mode_tunnel.c |    1 +
  4 files changed, 7 insertions(+), 8 deletions(-)

 --- linux-2.6.21.4.orig/net/ipv4/xfrm4_input.c
 +++ linux-2.6.21.4/net/ipv4/xfrm4_input.c
 @@ -138,10 +138,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb,
  	nf_reset(skb);

  	if (decaps) {
 -		if (!(skb->dev->flags&IFF_LOOPBACK)) {
 -			dst_release(skb->dst);
 -			skb->dst = NULL;
 -		}
 +		dst_release(skb->dst);
 +		skb->dst = NULL;
  		netif_rx(skb);
  		return 0;
  	} else {
 --- linux-2.6.21.4.orig/net/ipv4/xfrm4_mode_tunnel.c
 +++ linux-2.6.21.4/net/ipv4/xfrm4_mode_tunnel.c
 @@ -84,6 +84,8 @@ static int xfrm4_tunnel_output(struct xf
  	top_iph->saddr = x->props.saddr.a4;
  	top_iph->daddr = x->id.daddr.a4;

 +	skb->protocol = htons(ETH_P_IP);
 +
  	memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
  	return 0;
  }
 --- linux-2.6.21.4.orig/net/ipv6/xfrm6_input.c
 +++ linux-2.6.21.4/net/ipv6/xfrm6_input.c
 @@ -104,10 +104,8 @@ int xfrm6_rcv_spi(struct sk_buff *skb, _
  	nf_reset(skb);

  	if (decaps) {
 -		if (!(skb->dev->flags&IFF_LOOPBACK)) {
 -			dst_release(skb->dst);
 -			skb->dst = NULL;
 -		}
 +		dst_release(skb->dst);
 +		skb->dst = NULL;
  		netif_rx(skb);
  		return -1;
  	} else {
 --- linux-2.6.21.4.orig/net/ipv6/xfrm6_mode_tunnel.c
 +++ linux-2.6.21.4/net/ipv6/xfrm6_mode_tunnel.c
 @@ -80,6 +80,7 @@ static int xfrm6_tunnel_output(struct xf
  	top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
  	ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
  	ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
 +	skb->protocol = htons(ETH_P_IPV6);
  	return 0;
  }
	From stable-bounces@linux.kernel.org Wed Jun 6 22:41:41 2007
	Date: Wed, 06 Jun 2007 22:41:52 -0700 (PDT)
	Message-Id: <20070606.224152.68156938.davem@davemloft.net>
	To: stable@kernel.org
	From: David Miller <davem@davemloft.net>
	Cc: bunk@stusta.de
	Subject: IPSEC: Fix panic when using inter address familiy IPsec on loopback.

	From: Kazunori MIYAZAWA <kazunori@miyazawa.org>

	Signed-off-by: Kazunori MIYAZAWA <kazunori@miyazawa.org>
	Signed-off-by: David S. Miller <davem@davemloft.net>
	Signed-off-by: Chris Wright <chrisw@sous-sol.org>
	Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

	---
	net/ipv4/xfrm4_input.c \| 6 ++----
	net/ipv4/xfrm4_mode_tunnel.c \| 2 ++
	net/ipv6/xfrm6_input.c \| 6 ++----
	net/ipv6/xfrm6_mode_tunnel.c \| 1 +
	4 files changed, 7 insertions(+), 8 deletions(-)

	--- linux-2.6.21.4.orig/net/ipv4/xfrm4_input.c
	+++ linux-2.6.21.4/net/ipv4/xfrm4_input.c
	@@ -138,10 +138,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb,
	nf_reset(skb);

	if (decaps) {
	- if (!(skb->dev->flags&IFF_LOOPBACK)) {
	- dst_release(skb->dst);
	- skb->dst = NULL;
	- }
	+ dst_release(skb->dst);
	+ skb->dst = NULL;
	netif_rx(skb);
	return 0;
	} else {
	--- linux-2.6.21.4.orig/net/ipv4/xfrm4_mode_tunnel.c
	+++ linux-2.6.21.4/net/ipv4/xfrm4_mode_tunnel.c
	@@ -84,6 +84,8 @@ static int xfrm4_tunnel_output(struct xf
	top_iph->saddr = x->props.saddr.a4;
	top_iph->daddr = x->id.daddr.a4;

	+ skb->protocol = htons(ETH_P_IP);
	+
	memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
	return 0;
	}
	--- linux-2.6.21.4.orig/net/ipv6/xfrm6_input.c
	+++ linux-2.6.21.4/net/ipv6/xfrm6_input.c
	@@ -104,10 +104,8 @@ int xfrm6_rcv_spi(struct sk_buff *skb, _
	nf_reset(skb);

	if (decaps) {
	- if (!(skb->dev->flags&IFF_LOOPBACK)) {
	- dst_release(skb->dst);
	- skb->dst = NULL;
	- }
	+ dst_release(skb->dst);
	+ skb->dst = NULL;
	netif_rx(skb);
	return -1;
	} else {
	--- linux-2.6.21.4.orig/net/ipv6/xfrm6_mode_tunnel.c
	+++ linux-2.6.21.4/net/ipv6/xfrm6_mode_tunnel.c
	@@ -80,6 +80,7 @@ static int xfrm6_tunnel_output(struct xf
	top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
	ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
	ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
	+ skb->protocol = htons(ETH_P_IPV6);
	return 0;
	}