This is a note to let you know that I've just added the patch titled
xfrm: Fix refcount imbalance in xfrm_lookup
to the 3.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
xfrm-fix-refcount-imbalance-in-xfrm_lookup.patch
and it can be found in the queue-3.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Fri Aug 8 08:56:13 PDT 2014
From: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
Date: Wed, 18 Jun 2014 12:34:21 +0200
Subject: xfrm: Fix refcount imbalance in xfrm_lookup
From: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
[ Upstream commit b7eea4545ea775df957460f58eb56085a8892856 ]
xfrm_lookup must return a dst_entry with a refcount for the caller.
Git commit 1a1ccc96abb ("xfrm: Remove caching of xfrm_policy_sk_bundles")
removed this refcount for the socket policy case accidentally.
This patch restores it and sets DST_NOCACHE flag to make sure
that the dst_entry is freed when the refcount becomes null.
Fixes: 1a1ccc96abb ("xfrm: Remove caching of xfrm_policy_sk_bundles")
Signed-off-by: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/xfrm/xfrm_policy.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2107,6 +2107,8 @@ struct dst_entry *xfrm_lookup(struct net
goto no_transform;
}
+ dst_hold(&xdst->u.dst);
+ xdst->u.dst.flags |= DST_NOCACHE;
route = xdst->route;
}
}
Patches currently in stable-queue which might be from steffen.klassert@xxxxxxxxxxx are
queue-3.15/xfrm-fix-refcount-imbalance-in-xfrm_lookup.patch
queue-3.15/xfrm-fix-installation-of-ah-ipsec-sas.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html