renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-19 10:44:14 +08:00
Code
5596732fa8
linux-next/net/ipv4
History
Steffen Klassert 5596732fa8 xfrm: Fix crash with ipv6 IPsec tunnel and NAT. 
The ipv6 xfrm output path is not aware that packets can be
rerouted by NAT to not use IPsec. We crash in this case
because we expect to have a xfrm state at the dst_entry.
This crash happens if the ipv6 layer does IPsec and NAT
or if we have an interfamily IPsec tunnel with ipv4 NAT.

We fix this by checking for a NAT rerouted packet in each
address family and dst_output() to the new destination
in this case.

Reported-by: Martin Pelikan <martin.pelikan@gmail.com>
Tested-by: Martin Pelikan <martin.pelikan@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2014-04-07 10:52:38 +02:00
..
netfilter netfilter: Can't fail and free after table replacement 2014-04-05 17:46:22 +02:00
af_inet.c net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2014-03-14 22:41:36 -04:00
ah4.c ah4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
arp.c ipv4: arp: update neighbour address when a gratuitous arp is received and arp_accept is set 2014-01-02 00:08:38 -05:00
cipso_ipv4.c ipv4: ERROR: code indent should use tabs where possible 2013-12-26 13:43:21 -05:00
datagram.c net: Remove FLOWI_FLAG_CAN_SLEEP 2013-12-06 07:24:39 +01:00
devinet.c ipv4: Fix runtime WARNING in rtmsg_ifa() 2014-02-06 20:02:15 -08:00
esp4.c esp4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
fib_frontend.c ipv4: remove ip_rt_dump from route.c 2014-03-24 12:45:01 -04:00
fib_lookup.h ipv4: make fib_detect_death static 2013-12-28 17:01:46 -05:00
fib_rules.c inet: fix NULL pointer Oops in fib(6)_rule_suppress 2013-12-10 17:54:23 -05:00
fib_semantics.c ipv4: make fib_detect_death static 2013-12-28 17:01:46 -05:00
fib_trie.c seq_file: remove "%n" usage from seq_file users 2013-11-15 09:32:20 +09:00
gre_demux.c ip_tunnel: Fix dst ref-count. 2014-03-26 15:18:40 -04:00
gre_offload.c net/ipv4: don't use module_init in non-modular gre_offload 2014-01-16 16:08:27 -08:00
icmp.c ipv4: introduce hardened ip_no_pmtu_disc mode 2014-01-13 11:22:55 -08:00
igmp.c net: replace macros net_random and net_srandom with direct calls to prandom 2014-01-14 15:15:25 -08:00
inet_connection_sock.c net: replace macros net_random and net_srandom with direct calls to prandom 2014-01-14 15:15:25 -08:00
inet_diag.c inet_diag: fix inet_diag_dump_icsk() to use correct state for timewait sockets 2014-01-13 22:35:46 -08:00
inet_fragment.c inet: frag: make sure forced eviction removes all frags 2014-03-06 15:28:45 -05:00
inet_hashtables.c
inet_lro.c lro: remove dead code 2013-12-29 16:34:25 -05:00
inet_timewait_sock.c
inetpeer.c ipv4: remove unused function 2013-12-28 17:03:20 -05:00
ip_forward.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-02-19 01:24:22 -05:00
ip_fragment.c net: Add utility functions to clear rxhash 2013-12-17 16:36:21 -05:00
ip_gre.c net: gre: use icmp_hdr() to get inner ip header 2014-01-27 20:38:26 -08:00
ip_input.c net: Fix memory leak if TPROXY used with TCP early demux 2014-01-27 16:22:11 -08:00
ip_options.c ipv4: switch and case should be at the same indent 2014-01-02 03:30:36 -05:00
ip_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-05 20:32:02 -05:00
ip_sockglue.c ipv4: yet another new IP_MTU_DISCOVER option IP_PMTUDISC_OMIT 2014-02-26 15:51:00 -05:00
ip_tunnel_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-29 18:48:54 -04:00
ip_tunnel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-29 18:48:54 -04:00
ip_vti.c vti4: Enable namespace changing 2014-02-25 07:04:19 +01:00
ipcomp.c ipcomp4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
ipconfig.c ipv4: ipconfig.c: add parentheses in an if statement 2014-02-14 00:14:23 -05:00
ipip.c ipv4: be friend with drop monitor 2014-01-18 23:08:02 -08:00
ipmr.c ipmr: fix mfc notification flags 2014-03-20 16:24:28 -04:00
Kconfig
Makefile xfrm4: Add IPsec protocol multiplexer 2014-02-25 07:04:16 +01:00
netfilter.c netfilter: remove double colon 2014-02-19 11:41:25 +01:00
ping.c ipv6: honor IPV6_PKTINFO with v4 mapped addresses on sendmsg 2014-02-19 16:28:42 -05:00
proc.c tcp: snmp stats for Fast Open, SYN rtx, and data pkts 2014-03-03 15:58:03 -05:00
protocol.c net: remove outdated comment for ipv4 and ipv6 protocol handler 2013-11-28 18:47:51 -05:00
raw.c ipv6: honor IPV6_PKTINFO with v4 mapped addresses on sendmsg 2014-02-19 16:28:42 -05:00
route.c ipv4: remove ip_rt_dump from route.c 2014-03-24 12:45:01 -04:00
syncookies.c ipv4: fix checkpatch error "space prohibited" 2013-12-26 13:43:21 -05:00
sysctl_net_ipv4.c ipv4: introduce ip_dst_mtu_maybe_forward and protect forwarding path against pmtu spoofing 2014-01-13 11:22:54 -08:00
tcp_bic.c
tcp_cong.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-05 20:32:02 -05:00
tcp_cubic.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_diag.c
tcp_fastopen.c
tcp_highspeed.c tcp: remove unused min_cwnd member of tcp_congestion_ops 2014-02-13 18:22:34 -05:00
tcp_htcp.c
tcp_hybla.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_illinois.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_input.c tcp: timestamp SYN+DATA messages 2014-03-10 16:15:54 -04:00
tcp_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-29 18:48:54 -04:00
tcp_lp.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_memcontrol.c tcp_memcontrol: Cleanup/fix cg_proto->memory_pressure handling. 2013-12-05 21:01:01 -05:00
tcp_metrics.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_minisocks.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_offload.c tcp: do not export tcp_gso_segment() and tcp_gro_receive() 2014-01-14 18:53:48 -08:00
tcp_output.c tcp: tcp_make_synack() minor changes 2014-03-27 15:10:10 -04:00
tcp_probe.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_scalable.c tcp: remove unused min_cwnd member of tcp_congestion_ops 2014-02-13 18:22:34 -05:00
tcp_timer.c tcp: snmp stats for Fast Open, SYN rtx, and data pkts 2014-03-03 15:58:03 -05:00
tcp_vegas.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_vegas.h
tcp_veno.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp_westwood.c tcp: remove unused min_cwnd member of tcp_congestion_ops 2014-02-13 18:22:34 -05:00
tcp_yeah.c tcp: switch rtt estimations to usec resolution 2014-02-26 17:08:40 -05:00
tcp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-03-05 20:32:02 -05:00
tunnel4.c
udp_diag.c
udp_impl.h
udp_offload.c net/ipv4: Use proper RCU APIs for writer-side in udp_offload.c 2014-02-04 20:01:55 -08:00
udp.c ipv6: honor IPV6_PKTINFO with v4 mapped addresses on sendmsg 2014-02-19 16:28:42 -05:00
udplite.c
xfrm4_input.c xfrm4: Add IPsec protocol multiplexer 2014-02-25 07:04:16 +01:00
xfrm4_mode_beet.c ipv4: ERROR: code indent should use tabs where possible 2013-12-26 13:43:21 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c xfrm4: Remove xfrm_tunnel_notifier 2014-02-25 07:04:18 +01:00
xfrm4_output.c xfrm: Fix crash with ipv6 IPsec tunnel and NAT. 2014-04-07 10:52:38 +02:00
xfrm4_policy.c xfrm: Introduce xfrm_input_afinfo to access the the callbacks properly 2014-03-14 07:28:07 +01:00
xfrm4_protocol.c xfrm: Introduce xfrm_input_afinfo to access the the callbacks properly 2014-03-14 07:28:07 +01:00
xfrm4_state.c inet: make no_pmtu_disc per namespace and kill ipv4_config 2013-12-18 16:58:20 -05:00
xfrm4_tunnel.c