-rw-r--r--main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch96
-rw-r--r--main/linux-grsec/APKBUILD4
2 files changed, 99 insertions, 1 deletions
diff --git a/main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch b/main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch
new file mode 100644
index 000000000..e1e9a655e
--- /dev/null
+++ b/main/linux-grsec/0019-ipv4-check-rt_genid-in-dst_check.patch
@@ -0,0 +1,96 @@
+From d11a4dc18bf41719c9f0d7ed494d295dd2973b92 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 18 Mar 2010 23:20:20 +0000
+Subject: [PATCH] ipv4: check rt_genid in dst_check
+
+Xfrm_dst keeps a reference to ipv4 rtable entries on each
+cached bundle. The only way to renew xfrm_dst when the underlying
+route has changed, is to implement dst_check for this. This is
+what ipv6 side does too.
+
+The problems started after 87c1e12b5eeb7b30b4b41291bef8e0b41fc3dde9
+("ipsec: Fix bogus bundle flowi") which fixed a bug causing xfrm_dst
+to not get reused, until that all lookups always generated new
+xfrm_dst with new route reference and path mtu worked. But after the
+fix, the old routes started to get reused even after they were expired
+causing pmtu to break (well it would occationally work if the rtable
+gc had run recently and marked the route obsolete causing dst_check to
+get called).
+
+Signed-off-by: Timo Teras <timo.teras@iki.fi>
+Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ net/ipv4/route.c | 14 ++++++++++----
+ 1 files changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/net/ipv4/route.c b/net/ipv4/route.c
+index a770df2..32d3961 100644
+--- a/net/ipv4/route.c
++++ b/net/ipv4/route.c
+@@ -1441,7 +1441,7 @@ void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
+ dev_hold(rt->u.dst.dev);
+ if (rt->idev)
+ in_dev_hold(rt->idev);
+- rt->u.dst.obsolete = 0;
++ rt->u.dst.obsolete = -1;
+ rt->u.dst.lastuse = jiffies;
+ rt->u.dst.path = &rt->u.dst;
+ rt->u.dst.neighbour = NULL;
+@@ -1506,7 +1506,7 @@ static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
+ struct dst_entry *ret = dst;
+
+ if (rt) {
+- if (dst->obsolete) {
++ if (dst->obsolete > 0) {
+ ip_rt_put(rt);
+ ret = NULL;
+ } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
+@@ -1726,7 +1726,9 @@ static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
+
+ static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
+ {
+- return NULL;
++ if (rt_is_expired((struct rtable *)dst))
++ return NULL;
++ return dst;
+ }
+
+ static void ipv4_dst_destroy(struct dst_entry *dst)
+@@ -1888,7 +1890,8 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
+ if (!rth)
+ goto e_nobufs;
+
+- rth->u.dst.output= ip_rt_bug;
++ rth->u.dst.output = ip_rt_bug;
++ rth->u.dst.obsolete = -1;
+
+ atomic_set(&rth->u.dst.__refcnt, 1);
+ rth->u.dst.flags= DST_HOST;
+@@ -2054,6 +2057,7 @@ static int __mkroute_input(struct sk_buff *skb,
+ rth->fl.oif = 0;
+ rth->rt_spec_dst= spec_dst;
+
++ rth->u.dst.obsolete = -1;
+ rth->u.dst.input = ip_forward;
+ rth->u.dst.output = ip_output;
+ rth->rt_genid = rt_genid(dev_net(rth->u.dst.dev));
+@@ -2218,6 +2222,7 @@ local_input:
+ goto e_nobufs;
+
+ rth->u.dst.output= ip_rt_bug;
++ rth->u.dst.obsolete = -1;
+ rth->rt_genid = rt_genid(net);
+
+ atomic_set(&rth->u.dst.__refcnt, 1);
+@@ -2444,6 +2449,7 @@ static int __mkroute_output(struct rtable **result,
+ rth->rt_spec_dst= fl->fl4_src;
+
+ rth->u.dst.output=ip_output;
++ rth->u.dst.obsolete = -1;
+ rth->rt_genid = rt_genid(dev_net(dev_out));
+
+ RT_CACHE_STAT_INC(out_slow_tot);
+--
+1.7.1
+
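Review bot: The embedded route.c patch writes the bare value `-1` into `dst.obsolete` at five separate creation sites (ip_rt_redirect, ip_route_input_mc, __mkroute_input, the local_input path and __mkroute_output) without a comment explaining it, while ipv4_negative_advice now tests `dst->obsolete > 0`. As the commit message implies, ipv4_dst_check is only reached for entries marked obsolete. Any rtable creation path outside these hunks that leaves the field at 0 would therefore presumably skip the new rt_is_expired() test and keep handing a stale route to cached xfrm bundles, which is worth confirming against the full route.c. I would add a comment above ipv4_dst_check such as `/* obsolete == -1: entry is live but must be revalidated through dst_check(); obsolete > 0: entry is dead */`. Most of the enclosing functions start and end outside the hunks shown, so the remaining initialisation of each rtable could not be checked here.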
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 67b03001e..471b3efb8 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
pkgname=linux-${_flavor}
pkgver=2.6.32.15
_kernver=2.6.32
-pkgrel=5
+pkgrel=6
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
@@ -30,6 +30,7 @@ source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
0016-xfrm-remove-policy-garbage-collection.patch
0017-flow-delayed-deletion-of-flow-cache-entries.patch
0018-xfrm-Fix-crashes-in-xfrm_lookup.patch
+ 0019-ipv4-check-rt_genid-in-dst_check.patch
xfrm-fix-policy-unreferencing-on-larval-drop.patch
r8169-fix-random-mdio_write-failures.patch
r8169-fix-mdio_read-and-update-mdio_write-according-to-hw-specs.patch
@@ -162,6 +163,7 @@ c09b82b89a49ba2a3836a0bc3a3312f4 0015-xfrm-cache-bundles-instead-of-policies-fo
41618efb65ab9ddacfb59a1cde9b4edd 0016-xfrm-remove-policy-garbage-collection.patch
3b83f0972ab715819d1119b120a987e7 0017-flow-delayed-deletion-of-flow-cache-entries.patch
45a676c7a1759fec60b724d557b4e295 0018-xfrm-Fix-crashes-in-xfrm_lookup.patch
+74e511f12854972db08d3fddc4df0f52 0019-ipv4-check-rt_genid-in-dst_check.patch
c7e606c11c05ff03012b21c3fe0ece47 xfrm-fix-policy-unreferencing-on-larval-drop.patch
ce4a74190febe13713bab1b886dd5bee r8169-fix-random-mdio_write-failures.patch
b41ee19f13498fb25992fd60cd1126d4 r8169-fix-mdio_read-and-update-mdio_write-according-to-hw-specs.patch