1
linux/net/ipv4
Steffen Klassert 43a4dea4c9 xfrm: Assign the inner mode output function to the dst entry
As it is, we assign the outer modes output function to the dst entry
when we create the xfrm bundle. This leads to two problems on interfamily
scenarios. We might insert ipv4 packets into ip6_fragment when called
from xfrm6_output. The system crashes if we try to fragment an ipv4
packet with ip6_fragment. This issue was introduced with git commit
ad0081e4 (ipv6: Fragment locally generated tunnel-mode IPSec6 packets
as needed). The second issue is, that we might insert ipv4 packets in
netfilter6 and vice versa on interfamily scenarios.

With this patch we assign the inner mode output function to the dst entry
when we create the xfrm bundle. So xfrm4_output/xfrm6_output from the inner
mode is used and the right fragmentation and netfilter functions are called.
We switch then to outer mode with the output_finish functions.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-10 15:03:34 -07:00
..
netfilter Fix common misspellings 2011-03-31 11:26:23 -03:00
af_inet.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ah4.c xfrm: Use separate low and high order bits of the sequence numbers in xfrm_skb_cb 2011-03-13 20:22:28 -07:00
arp.c net: gre: provide multicast mappings for ipv4 and ipv6 2011-03-30 00:10:47 -07:00
cipso_ipv4.c Fix common misspellings 2011-03-31 11:26:23 -03:00
datagram.c ipv4: Make output route lookup return rtable directly. 2011-03-02 14:31:35 -08:00
devinet.c sysctl: net: call unregister_net_sysctl_table where needed 2011-05-02 16:12:14 -07:00
esp4.c esp4: Add support for IPsec extended sequence numbers 2011-03-13 20:22:29 -07:00
fib_frontend.c fib: add rtnl locking in ip_fib_net_exit 2011-03-30 16:57:46 -07:00
fib_lookup.h ipv4: Fix nexthop caching wrt. scoping. 2011-03-24 18:06:47 -07:00
fib_rules.c ipv4: Use flowi4 in FIB layer. 2011-03-12 15:08:49 -08:00
fib_semantics.c ipv4: Fix nexthop caching wrt. scoping. 2011-03-24 18:06:47 -07:00
fib_trie.c ipv4: don't spam dmesg with "Using LC-trie" messages 2011-05-01 23:17:50 -07:00
gre.c
icmp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
igmp.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
inet_connection_sock.c Revert "tcp: disallow bind() to reuse addr/port" 2011-04-13 12:01:14 -07:00
inet_diag.c
inet_fragment.c
inet_hashtables.c
inet_lro.c
inet_timewait_sock.c tcp: fix inet_twsk_deschedule() 2011-02-19 18:59:04 -08:00
inetpeer.c inetpeer: reduce stack usage 2011-04-12 13:58:33 -07:00
ip_forward.c
ip_fragment.c net: ip_expire() must revalidate route 2011-05-04 14:04:07 -07:00
ip_gre.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ip_input.c
ip_options.c ip: ip_options_compile() resilient to NULL skb route 2011-04-14 23:26:02 -07:00
ip_output.c Fix common misspellings 2011-03-31 11:26:23 -03:00
ip_sockglue.c
ipcomp.c
ipconfig.c Fix common misspellings 2011-03-31 11:26:23 -03:00
ipip.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ipmr.c ipv4: Use flowi4 in ipmr code. 2011-03-12 15:08:49 -08:00
Kconfig ipv4: Remove fib_hash. 2011-02-01 15:35:25 -08:00
Makefile ipv4: Remove fib_hash. 2011-02-01 15:35:25 -08:00
netfilter.c netfilter: af_info: add 'strict' parameter to limit lookup to .oif 2011-04-04 17:00:54 +02:00
proc.c
protocol.c
raw.c Fix common misspellings 2011-03-31 11:26:23 -03:00
route.c net: provide cow_metrics() methods to blackhole dst_ops 2011-04-25 11:53:08 -07:00
syncookies.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
sysctl_net_ipv4.c net: Do not wrap sysctl igmp_max_memberships in IP_MULTICAST 2011-04-12 13:59:33 -07:00
tcp_bic.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_cong.c
tcp_cubic.c tcp_cubic: limit delayed_ack ratio to prevent divide error 2011-05-08 15:51:57 -07:00
tcp_diag.c
tcp_highspeed.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_htcp.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_hybla.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_illinois.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_input.c tcp: Make undo_ssthresh arg to tcp_undo_cwr() a bool. 2011-03-22 19:37:11 -07:00
tcp_ipv4.c ipv4: Make output route lookup return rtable directly. 2011-03-02 14:31:35 -08:00
tcp_lp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tcp_minisocks.c
tcp_output.c Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
tcp_probe.c
tcp_scalable.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_timer.c tcp: Remove debug macro of TCP_CHECK_TIMER 2011-02-20 11:10:14 -08:00
tcp_vegas.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_vegas.h
tcp_veno.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_westwood.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_yeah.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tcp.c tcp: ioctl type SIOCOUTQNSD returns amount of data not sent 2011-03-09 14:08:09 -08:00
tunnel4.c
udp_impl.h
udp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
udplite.c
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
xfrm4_policy.c ipv4: Fix "Set rt->rt_iif more sanely on output routes." 2011-04-07 14:04:08 -07:00
xfrm4_state.c xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
xfrm4_tunnel.c