leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43a4dea4c9
linux/net
History
Steffen Klassert 43a4dea4c9 xfrm: Assign the inner mode output function to the dst entry 
As it is, we assign the outer modes output function to the dst entry
when we create the xfrm bundle. This leads to two problems on interfamily
scenarios. We might insert ipv4 packets into ip6_fragment when called
from xfrm6_output. The system crashes if we try to fragment an ipv4
packet with ip6_fragment. This issue was introduced with git commit
ad0081e4 (ipv6: Fragment locally generated tunnel-mode IPSec6 packets
as needed). The second issue is, that we might insert ipv4 packets in
netfilter6 and vice versa on interfamily scenarios.

With this patch we assign the inner mode output function to the dst entry
when we create the xfrm bundle. So xfrm4_output/xfrm6_output from the inner
mode is used and the right fragmentation and netfilter functions are called.
We switch then to outer mode with the output_finish functions.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-10 15:03:34 -07:00
..
9p Fix common misspellings 2011-03-31 11:26:23 -03:00
802 net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
8021q vlan: fix GVRP at dismantle time 2011-05-10 15:03:32 -07:00
appletalk appletalk: Fix OOPS in atalk_release(). 2011-03-31 18:59:10 -07:00
atm Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
ax25 net: ax25: fix information leak to userland harder 2011-01-12 00:34:49 -08:00
batman-adv Fix common misspellings 2011-03-31 11:26:23 -03:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2011-04-22 13:21:38 -07:00
bridge Revert "bridge: Forward reserved group addresses if !STP" 2011-04-21 21:17:25 -07:00
caif caif: performance bugfix - allow radio stack to prioritize packets. 2011-04-11 13:15:58 -07:00
can can: add missing socket check in can/raw release 2011-04-20 12:37:59 -07:00
ceph Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
core net: dev_close() should check IFF_UP 2011-05-10 15:03:33 -07:00
dcb net: dcbnl: Update copyright dates 2011-03-14 17:02:42 -07:00
dccp dccp: handle invalid feature options length 2011-05-06 13:05:50 -07:00
decnet decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dns_resolver DNS: Fix a NULL pointer deref when trying to read an error key [CVE-2011-1076] 2011-03-04 09:56:19 +11:00
dsa dsa/mv88e6131: fix unknown multicast/broadcast forwarding on mv88e6085 2011-04-28 13:35:44 -07:00
econet econet: 4 byte infoleak to the network 2011-03-18 15:12:15 -07:00
ethernet eth: fix new kernel-doc warning 2011-01-12 19:00:40 -08:00
ieee802154 ieee802154: Remove hacked CFLAGS in net/ieee802154/Makefile 2011-04-12 15:33:23 -07:00
ipv4 xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
ipv6 xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
ipx ipx: fix ipx_release() 2011-03-21 18:16:39 -07:00
irda irda: fix locking unbalance in irda_sendmsg 2011-04-12 15:29:54 -07:00
iucv Fix common misspellings 2011-03-31 11:26:23 -03:00
key pfkey: fix warning 2011-03-01 22:51:52 -08:00
l2tp l2tp: fix possible oops on l2tp_eth module unload 2011-03-21 18:10:25 -07:00
lapb Net: lapb: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:14 -08:00
llc llc: Fix length check in llc_fixup_skb(). 2011-04-11 18:59:05 -07:00
mac80211 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2011-04-22 13:21:38 -07:00
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6 2011-04-19 11:28:35 -07:00
netlabel Fix common misspellings 2011-03-31 11:26:23 -03:00
netlink Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-03 21:27:42 -08:00
netrom
packet af_packet: struct socket declared/assigned but unused 2011-03-07 15:51:13 -08:00
phonet Phonet: fix aligned-mode pipe socket buffer header reserve 2011-03-15 14:55:49 -07:00
rds Fix common misspellings 2011-03-31 11:26:23 -03:00
rfkill kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
rose Fix common misspellings 2011-03-31 11:26:23 -03:00
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2011-03-16 16:29:25 -07:00
sched Fix common misspellings 2011-03-31 11:26:23 -03:00
sctp sctp: fix oops while removed transport still using as retran path 2011-04-12 19:33:51 -07:00
sunrpc Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 2011-04-08 11:47:35 -07:00
tipc Fix common misspellings 2011-03-31 11:26:23 -03:00
unix af_unix: Only allow recv on connected seqpacket sockets. 2011-05-01 23:16:28 -07:00
wanrouter Fix common misspellings 2011-03-31 11:26:23 -03:00
wimax
wireless Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
x25 Fix common misspellings 2011-03-31 11:26:23 -03:00
xfrm xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
compat.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
Kconfig net: RPS: Enable hardware acceleration of RFS 2011-01-24 14:53:01 -08:00
Makefile net: Enter net/ipv6/ even if CONFIG_IPV6=n 2011-03-07 12:50:52 -08:00
nonet.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
socket.c Fix common misspellings 2011-03-31 11:26:23 -03:00
sysctl_net.c
TUNABLE