Hugo Santos <[EMAIL PROTECTED]> wrote: > > This patch fixes a soft lockup when encapsulated packets reach > ip6ip6_rcv() and there is no tunnel associated with it. The error > path returns a positive value (1) which will trigger ip6_input to > re-submit the packet for processing. As no skb parameters have been > changed, ip6ip6_rcv() will continue to be called on the exact same > context. Also, ip6ip6_rcv() should free the skb when discarding it.
The assessment is correct but I think this fix is wrong. > --- linux-2.6.16/net/ipv6/ip6_tunnel.c.orig 2006-03-23 16:19:19.000000000 > +0000 > +++ linux-2.6.16/net/ipv6/ip6_tunnel.c 2006-03-23 16:32:07.000000000 +0000 > @@ -557,7 +557,8 @@ ip6ip6_rcv(struct sk_buff **pskb) > read_unlock(&ip6ip6_lock); > icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0, > skb->dev); > discard: > - return 1; > + kfree_skb(skb); > + return -1; > } When xfrm6_tunnel is in use you've just made it use a freed skb. Also IPv4 has the same problem so we shold fix them both. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
