Re: [IPSEC]: Use the correct ip_local_out function

From: David Miller
Date: Tue May 20 2008 - 17:32:57 EST

Next message: David Miller: "Re: [PATCH net-2.6] [NET] The world is not perfect patch."
Previous message: Jeff Dike: "Re: UML fails to locate address space"
In reply to: Marco Berizzi: "Re: [IPSEC]: Use the correct ip_local_out function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 20 May 2008 17:25:11 +0800

> On Wed, May 14, 2008 at 10:19:57AM +0200, Marco Berizzi wrote:
> >
> > I hope this helps.
>
> OK found the problem, it was my fault after all :)
>
> Dave, this patch needs to go into stable too.
>
> [IPSEC]: Use the correct ip_local_out function
>
> Because the IPsec output function xfrm_output_resume does its
> own dst_output call it should always call __ip_local_output
> instead of ip_local_output as the latter may invoke dst_output
> directly. Otherwise the return values from nf_hook and dst_output
> may clash as they both use the value 1 but for different purposes.
>
> When that clash occurs this can cause a packet to be used after
> it has been freed which usually leads to a crash. Because the
> offending value is only returned from dst_output with qdiscs
> such as HTB, this bug is normally not visible.
>
> Thanks to Marco Berizzi for his perseverance in tracking this
> down.
>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Applied and queued to -stable, thanks!
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Miller: "Re: [PATCH net-2.6] [NET] The world is not perfect patch."
Previous message: Jeff Dike: "Re: UML fails to locate address space"
In reply to: Marco Berizzi: "Re: [IPSEC]: Use the correct ip_local_out function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]