
Commit 87c1e12

herbertxdavem330
authored andcommitted
ipsec: Fix bogus bundle flowi
When I merged the bundle creation code, I introduced a bogus flowi value in the bundle. Instead of getting from the caller, it was instead set to the flow in the route object, which is totally different. The end result is that the bundles we created never match, and we instead end up with an ever growing bundle list. Thanks to Jamal for finding this problem. Reported-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 3a5b27b commit 87c1e12


4 files changed

+11
-7
lines changed


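--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -275,7 +275,8 @@ struct xfrm_policy_afinfo {
 struct dst_entry *dst,
 int nfheader_len);
 int (*fill_dst)(struct xfrm_dst *xdst,
-struct net_device *dev);
+struct net_device *dev,
+struct flowi *fl);
 };
 
 extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);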
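Review bot: The new `fl` argument of the `fill_dst` callback is a plain `struct flowi *`, although the only use visible in this commit, `xdst->u.rt.fl = *fl;` in xfrm4_fill_dst, merely reads through it. Declaring it `const struct flowi *fl` here, and likewise in xfrm4_fill_dst, xfrm6_fill_dst and xfrm_fill_dst, would let the compiler reject a callee that edits the caller's lookup key. The bodies of the IPv6 callback and of xfrm_bundle_create continue outside the visible hunks, so confirm that nothing there writes through the pointer before changing the type.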

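--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -91,11 +91,12 @@ static int xfrm4_init_path(struct xfrm_dst *path, struct dst_entry *dst,
 return 0;
 }
 
-static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
+static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev,
+struct flowi *fl)
 {
 struct rtable *rt = (struct rtable *)xdst->route;
 
-xdst->u.rt.fl = rt->fl;
+xdst->u.rt.fl = *fl;
 
 xdst->u.dst.dev = dev;
 dev_hold(dev);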
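Review bot: The assignment `xdst->u.rt.fl = *fl;` carries an invariant that nothing at the site records: going by the commit message, the stored flow has to be the caller's lookup flow, otherwise later lookups never match and the bundle list keeps growing. A short comment above the line would keep a later refactor from drifting back to the route's flow, for example `/* Must be the caller's lookup flow, not rt->fl: bundles are matched on it. */`. xfrm4_fill_dst continues past the end of the hunk, so whether `rt` is still needed after this change cannot be checked from here.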

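--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -116,7 +116,8 @@ static int xfrm6_init_path(struct xfrm_dst *path, struct dst_entry *dst,
 return 0;
 }
 
-static int xfrm6_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
+static int xfrm6_fill_dst(struct xfrm_dst *xdst, struct net_device *dev,
+struct flowi *fl)
 {
 struct rt6_info *rt = (struct rt6_info*)xdst->route;
 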
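Review bot: Nothing visible in xfrm6_fill_dst uses the new `fl` parameter; the hunk ends two lines into the body, so the rest of the function is out of view. The IPv4 counterpart stores the flow with `xdst->u.rt.fl = *fl;`, and a reader comparing the two cannot tell whether IPv6 omits that on purpose. If the IPv6 bundle keeps no copy of the flow by design, a one-line comment such as `/* fl is unused: the IPv6 bundle stores no copy of the lookup flow */` would make that explicit. If it does keep one, it should be filled from `fl` as in the IPv4 path.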

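--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1372,7 +1372,8 @@ static inline int xfrm_init_path(struct xfrm_dst *path, struct dst_entry *dst,
 return err;
 }
 
-static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
+static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev,
+struct flowi *fl)
 {
 struct xfrm_policy_afinfo *afinfo =
 xfrm_policy_get_afinfo(xdst->u.dst.ops->family);
@@ -1381,7 +1382,7 @@ static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
 if (!afinfo)
 return -EINVAL;
 
-err = afinfo->fill_dst(xdst, dev);
+err = afinfo->fill_dst(xdst, dev, fl);
 
 xfrm_policy_put_afinfo(afinfo);
 
@@ -1486,7 +1487,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
 for (dst_prev = dst0; dst_prev != dst; dst_prev = dst_prev->child) {
 struct xfrm_dst *xdst = (struct xfrm_dst *)dst_prev;
 
-err = xfrm_fill_dst(xdst, dev);
+err = xfrm_fill_dst(xdst, dev, fl);
 if (err)
 goto free_dst;
 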
