-rw-r--r-- | main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch | 96 | ||||
-rw-r--r-- | main/linux-grsec/APKBUILD | 4 |
2 files changed, 99 insertions, 1 deletions
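--- /dev/null
+++ b/main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch
@@ -0,0 +1,96 @@
+From d11a4dc18bf41719c9f0d7ed494d295dd2973b92 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 18 Mar 2010 23:20:20 +0000
+Subject: [PATCH] ipv4: check rt_genid in dst_check
+
+Xfrm_dst keeps a reference to ipv4 rtable entries on each
+cached bundle. The only way to renew xfrm_dst when the underlying
+route has changed, is to implement dst_check for this. This is
+what ipv6 side does too.
+
+The problems started after 87c1e12b5eeb7b30b4b41291bef8e0b41fc3dde9
+("ipsec: Fix bogus bundle flowi") which fixed a bug causing xfrm_dst
+to not get reused, until that all lookups always generated new
+xfrm_dst with new route reference and path mtu worked. But after the
+fix, the old routes started to get reused even after they were expired
+causing pmtu to break (well it would occationally work if the rtable
+gc had run recently and marked the route obsolete causing dst_check to
+get called).
+
+Signed-off-by: Timo Teras <timo.teras@iki.fi>
+Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+net/ipv4/route.c | 14 ++++++++++----
+1 files changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/net/ipv4/route.c b/net/ipv4/route.c
+index a770df2..32d3961 100644
+--- a/net/ipv4/route.c
++++ b/net/ipv4/route.c
+@@ -1441,7 +1441,7 @@ void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
+dev_hold(rt->u.dst.dev);
+if (rt->idev)
+in_dev_hold(rt->idev);
+- rt->u.dst.obsolete = 0;
++ rt->u.dst.obsolete = -1;
+rt->u.dst.lastuse = jiffies;
+rt->u.dst.path = &rt->u.dst;
+rt->u.dst.neighbour = NULL;
+@@ -1506,7 +1506,7 @@ static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
+struct dst_entry *ret = dst;
+
+if (rt) {
+- if (dst->obsolete) {
++ if (dst->obsolete > 0) {
+ip_rt_put(rt);
+ret = NULL;
+} else if ((rt->rt_flags & RTCF_REDIRECTED) ||
+@@ -1726,7 +1726,9 @@ static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
+
+static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
+{
+- return NULL;
++ if (rt_is_expired((struct rtable *)dst))
++ return NULL;
++ return dst;
+}
+
+static void ipv4_dst_destroy(struct dst_entry *dst)
+@@ -1888,7 +1890,8 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
+if (!rth)
+goto e_nobufs;
+
+- rth->u.dst.output= ip_rt_bug;
++ rth->u.dst.output = ip_rt_bug;
++ rth->u.dst.obsolete = -1;
+
+atomic_set(&rth->u.dst.__refcnt, 1);
+rth->u.dst.flags= DST_HOST;
+@@ -2054,6 +2057,7 @@ static int __mkroute_input(struct sk_buff *skb,
+rth->fl.oif = 0;
+rth->rt_spec_dst= spec_dst;
+
++ rth->u.dst.obsolete = -1;
+rth->u.dst.input = ip_forward;
+rth->u.dst.output = ip_output;
+rth->rt_genid = rt_genid(dev_net(rth->u.dst.dev));
+@@ -2218,6 +2222,7 @@ local_input:
+goto e_nobufs;
+
+rth->u.dst.output= ip_rt_bug;
++ rth->u.dst.obsolete = -1;
+rth->rt_genid = rt_genid(net);
+
+atomic_set(&rth->u.dst.__refcnt, 1);
+@@ -2444,6 +2449,7 @@ static int __mkroute_output(struct rtable **result,
+rth->rt_spec_dst= fl->fl4_src;
+
+rth->u.dst.output=ip_output;
++ rth->u.dst.obsolete = -1;
+rth->rt_genid = rt_genid(dev_net(dev_out));
+
+RT_CACHE_STAT_INC(out_slow_tot);
+--
+1.7.1
+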
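Review bot: The value -1 stored in u.dst.obsolete at five sites in this patch (ip_rt_redirect, ip_route_input_mc, __mkroute_input, the local_input label and __mkroute_output) is a magic constant whose meaning is stated nowhere in the code, and ipv4_negative_advice's test changes from `if (dst->obsolete)` to `if (dst->obsolete > 0)` to accommodate it. From the commit message the intent appears to be that a negative value makes the generic dst layer call ipv4_dst_check on every use, so a route whose rt_genid no longer matches is dropped; a comment at ipv4_dst_check such as `/* rtables are created with obsolete = -1 so dst_check() runs on every use; drop the route once rt_genid has moved on */` would make that explicit. Because this file carries an upstream commit verbatim, such a comment belongs in a follow-up or in the package's own notes rather than in an edit of the patch; the ip_route_input_mc hunk also does not show where rt_genid is assigned for that route, so whether rt_is_expired() has a valid genid to compare there cannot be confirmed from this hunk alone.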
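--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=2.6.32.15
 _kernver=2.6.32
-pkgrel=5
+pkgrel=6
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -30,6 +30,7 @@ source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
 0016-xfrm-remove-policy-garbage-collection.patch
 0017-flow-delayed-deletion-of-flow-cache-entries.patch
 0018-xfrm-Fix-crashes-in-xfrm_lookup.patch
+0019-ipv4-check-rt_genid-in-dst_check.patch
 xfrm-fix-policy-unreferencing-on-larval-drop.patch
 r8169-fix-random-mdio_write-failures.patch
 r8169-fix-mdio_read-and-update-mdio_write-according-to-hw-specs.patch
@@ -162,6 +163,7 @@ c09b82b89a49ba2a3836a0bc3a3312f4 0015-xfrm-cache-bundles-instead-of-policies-fo
 41618efb65ab9ddacfb59a1cde9b4edd 0016-xfrm-remove-policy-garbage-collection.patch
 3b83f0972ab715819d1119b120a987e7 0017-flow-delayed-deletion-of-flow-cache-entries.patch
 45a676c7a1759fec60b724d557b4e295 0018-xfrm-Fix-crashes-in-xfrm_lookup.patch
+74e511f12854972db08d3fddc4df0f52 0019-ipv4-check-rt_genid-in-dst_check.patch
 c7e606c11c05ff03012b21c3fe0ece47 xfrm-fix-policy-unreferencing-on-larval-drop.patch
 ce4a74190febe13713bab1b886dd5bee r8169-fix-random-mdio_write-failures.patch
 b41ee19f13498fb25992fd60cd1126d4 r8169-fix-mdio_read-and-update-mdio_write-according-to-hw-specs.patch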