Re: [IPSEC]: Use the correct ip_local_out function
From: David Miller
Date: Tue May 20 2008 - 17:32:57 EST
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 20 May 2008 17:25:11 +0800
> On Wed, May 14, 2008 at 10:19:57AM +0200, Marco Berizzi wrote:
> > I hope this helps.
> OK found the problem, it was my fault after all :)
> Dave, this patch needs to go into stable too.
> [IPSEC]: Use the correct ip_local_out function
> Because the IPsec output function xfrm_output_resume does its
> own dst_output call it should always call __ip_local_output
> instead of ip_local_output as the latter may invoke dst_output
> directly. Otherwise the return values from nf_hook and dst_output
> may clash as they both use the value 1 but for different purposes.
> When that clash occurs this can cause a packet to be used after
> it has been freed which usually leads to a crash. Because the
> offending value is only returned from dst_output with qdiscs
> such as HTB, this bug is normally not visible.
> Thanks to Marco Berizzi for his perseverance in tracking this
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Applied and queued to -stable, thanks!
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/