On Fri, Sep 30, 2016 at 11:11:07AM +0200, Nicolas Dichtel wrote:
> This is the same fix than commit a5d0dc810abf ("vti: flush x-netns xfrm
> cache when vti interface is removed")
>
> This patch fixes a refcnt problem when a x-netns vti6 interface is removed:
> unregister_netdevice: waiting for vti6_test to become free. Usage count = 1
>
> Here is a script to reproduce the problem:
>
> ip link set dev ntfp2 up
> ip addr add dev ntfp2 2001::1/64
> ip link add vti6_test type vti6 local 2001::1 remote 2001::2 key 1
> ip netns add secure
> ip link set vti6_test netns secure
> ip netns exec secure ip link set vti6_test up
> ip netns exec secure ip link s lo up
> ip netns exec secure ip addr add dev vti6_test 2003::1/64
> ip -6 xfrm policy add dir out tmpl src 2001::1 dst 2001::2 proto esp \
> mode tunnel mark 1
> ip -6 xfrm policy add dir in tmpl src 2001::2 dst 2001::1 proto esp \
> mode tunnel mark 1
> ip xfrm state add src 2001::1 dst 2001::2 proto esp spi 1 mode tunnel \
> enc des3_ede 0x112233445566778811223344556677881122334455667788 mark
> 1
> ip xfrm state add src 2001::2 dst 2001::1 proto esp spi 1 mode tunnel \
> enc des3_ede 0x112233445566778811223344556677881122334455667788 mark
> 1
> ip netns exec secure ping6 -c 4 2003::2
> ip netns del secure
>
> CC: Lance Richardson <lrich...@redhat.com>
> Signed-off-by: Nicolas Dichtel <nicolas.dich...@6wind.com>
Applied to the ipsec tree, thanks!
