[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#652503: linux-image-2.6.32-5-kirkwood: L2TP tunnel fails when IPSEC SA rekeys (while using the pppol2tp kernel driver)

On Sat, 2011-12-17 at 22:02 +0100, Frank L wrote:
> Package: linux-2.6
> Version: 2.6.32-38
> Severity: important
> Tags: patch
> When using a L2TP/IPSEC VPN, taking advantage of the pppol2tp kernel driver (e.g. using openl2tp), the l2tp tunnel fails when the IPSEC SA is rekeyed.
> This is fixed by a commit to kernel 3.2-rc5 (see https://github.com/torvalds/linux/commit/71b1391a41289735676be02e35239e5aa9fe6ba6 )
> I've included a version of this patch for kernel 2.6.32-38 (current Squeeze kernel) as attachment to this bugreport. This attached patch has been verified by me to be fixing the issue in Debian Squeeze.
> --- a/drivers/net/pppol2tp.c    2009-12-03 04:51:21.000000000 +0100
> +++ b/drivers/net/pppol2tp.c    2011-12-16 14:02:15.000000000 +0100
> @@ -1172,7 +1172,7 @@
>         /* Get routing info from the tunnel socket */
>         skb_dst_drop(skb);
> -       skb_dst_set(skb, dst_clone(__sk_dst_get(sk_tun)));
> +       skb_dst_set(skb, dst_clone(__sk_dst_check(sk_tun, 0)));
>         pppol2tp_skb_set_owner_w(skb, sk_tun);
>         /* Calculate UDP checksum if configured to do so */

This seems reasonable.  However, the code being changed in the original
commit is holding the socket lock, whereas this code in 2.6.32 is
instead holding a lock specific to the PPP channel.  This may be
sufficient but I'm not sure.  James, can you comment?


Ben Hutchings
Beware of programmers who carry screwdrivers. - Leonard Brandwein

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: