|
On Thu, Dec 18, 2014 at 10:41:23PM +0200, Julian Anastasov wrote:
> commit f5a41847acc5 ("ipvs: move ip_route_me_harder for ICMP")
> from 2.6.37 introduced ip_route_me_harder() call for responses to
> local clients, so that we can provide valid rt_src after SNAT.
> It was used by TCP to provide valid daddr for ip_send_reply().
> After commit 0a5ebb8000c5 ("ipv4: Pass explicit daddr arg to
> ip_send_reply()." from 3.0 this rerouting is not needed anymore
> and should be avoided, especially in LOCAL_IN.
>
> Fixes 3.12.33 crash in xfrm reported by Florian Wiessner:
> "3.12.33 - BUG xfrm_selector_match+0x25/0x2f6"
>
> Reported-by: Smart Weblications GmbH - Florian Wiessner
> <f.wiessner@xxxxxxxxxxxxxxxxxxxxx>
> Tested-by: Smart Weblications GmbH - Florian Wiessner
> <f.wiessner@xxxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Julian Anastasov <ja@xxxxxx>
> ---
>
> Patch tested on net tree (Dec 7), 3.14.25, 3.12.33, 3.10.61.
> 3.4.104 needs a modified fix that resolves rejects, it applies
> with little fuzz on 3.2.64. Let me know if I should post
> separately 3.2 and 3.4 patches.
Sorry for missing this. I have queued it up and
sent a pull-request to Pablo.
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
