linux/net/ipv6
Steffen Klassert 43a4dea4c9 xfrm: Assign the inner mode output function to the dst entry
As it is, we assign the outer modes output function to the dst entry
when we create the xfrm bundle. This leads to two problems on interfamily
scenarios. We might insert ipv4 packets into ip6_fragment when called
from xfrm6_output. The system crashes if we try to fragment an ipv4
packet with ip6_fragment. This issue was introduced with git commit
ad0081e4 (ipv6: Fragment locally generated tunnel-mode IPSec6 packets
as needed). The second issue is, that we might insert ipv4 packets in
netfilter6 and vice versa on interfamily scenarios.

With this patch we assign the inner mode output function to the dst entry
when we create the xfrm bundle. So xfrm4_output/xfrm6_output from the inner
mode is used and the right fragmentation and netfilter functions are called.
We switch then to outer mode with the output_finish functions.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-10 15:03:34 -07:00
..
netfilter Fix common misspellings 2011-03-31 11:26:23 -03:00
addrconf_core.c ipv6: Remove IPV6_ADDR_RESERVED 2010-02-26 03:59:07 -08:00
addrconf.c sysctl: net: call unregister_net_sysctl_table where needed 2011-05-02 16:12:14 -07:00
addrlabel.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-27 01:03:03 -07:00
af_inet6.c Fix common misspellings 2011-03-31 11:26:23 -03:00
ah6.c xfrm: Use separate low and high order bits of the sequence numbers in xfrm_skb_cb 2011-03-13 20:22:28 -07:00
anycast.c net-next: remove useless union keyword 2010-06-10 23:31:35 -07:00
datagram.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
esp6.c esp6: Fix scatterlist initialization 2011-04-26 12:46:04 -07:00
exthdrs_core.c net: return operator cleanup 2010-09-23 14:33:39 -07:00
exthdrs.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
fib6_rules.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
icmp.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
inet6_connection_sock.c Revert "tcp: disallow bind() to reuse addr/port" 2011-04-13 12:01:14 -07:00
inet6_hashtables.c Kill off warning: ‘inline’ is not at beginning of declaration 2011-01-19 15:43:08 +01:00
ip6_fib.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
ip6_flowlabel.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
ip6_input.c Merge branch 'master' of /repos/git/net-next-2.6 2010-04-20 16:02:01 +02:00
ip6_output.c Fix common misspellings 2011-03-31 11:26:23 -03:00
ip6_tunnel.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
ip6mr.c net: use CHECKSUM_NONE instead of magic number 2011-03-27 23:35:05 -07:00
ipcomp6.c xfrm: SA lookups signature with mark 2010-02-22 16:20:22 -08:00
ipv6_sockglue.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
Kconfig ipv6: ip6mr: support multiple tables 2010-05-11 14:40:55 +02:00
Makefile [IPV6] MROUTE: Support multicast forwarding. 2008-04-05 22:33:38 +09:00
mcast.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
mip6.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
ndisc.c net: gre: provide multicast mappings for ipv4 and ipv6 2011-03-30 00:10:47 -07:00
netfilter.c netfilter: af_info: add 'strict' parameter to limit lookup to .oif 2011-04-04 17:00:54 +02:00
proc.c ipv6/udp: report SndbufErrors and RcvbufErrors 2010-10-30 16:17:23 -07:00
protocol.c net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
raw.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
reassembly.c ipv6: Prepare the tree for un-inlined jhash. 2010-11-28 11:26:21 -08:00
route.c net: provide cow_metrics() methods to blackhole dst_ops 2011-04-25 11:53:08 -07:00
sit.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
syncookies.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
sysctl_net_ipv6.c net ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries. 2011-03-21 18:23:34 -07:00
tcp_ipv6.c ipv6: Enable RFS sk_rxhash tracking for ipv6 sockets (v2) 2011-04-06 13:07:09 -07:00
tunnel6.c tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udp.c ipv6: udp: fix the wrong headroom check 2011-04-21 10:39:10 -07:00
udplite.c net: fix nulls list corruptions in sk_prot_alloc 2010-12-16 14:26:56 -08:00
xfrm6_input.c netfilter: ipv6: use NFPROTO values for NF_HOOK invocation 2010-03-25 16:00:49 +01:00
xfrm6_mode_beet.c ipsec: Interfamily IPSec BEET, ipv4-inner ipv6-outer 2008-08-06 02:40:25 -07:00
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c ipv6: Use ip6_dst_hoplimit() instead of direct dst_metric() calls. 2010-12-12 21:14:46 -08:00
xfrm6_output.c xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
xfrm6_policy.c net: Put fl6_* macros to struct flowi6 and use them again. 2011-03-12 15:08:55 -08:00
xfrm6_state.c xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
xfrm6_tunnel.c xfrm6: make xfrm6_tunnel_free_spi local 2010-10-21 03:09:45 -07:00