diff --git a/debian/changelog b/debian/changelog index a86b2556b..44bbb83c7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,6 +9,7 @@ linux-2.6 (3.1.6-2) UNRELEASED; urgency=low - bridge: provide a mtu() method for fake_dst_ops - net: introduce DST_NOPEER dst flag * rtc: Fix alarm rollover when day or month is out-of-range (Closes: #646429) + * l2tp: ensure sk->dst is still valid (Closes: #652503) [ Jonathan Nieder ] * prerm: Print an error message when aborting removal of the running diff --git a/debian/patches/bugfix/all/l2tp-ensure-sk-dst-is-still-valid.patch b/debian/patches/bugfix/all/l2tp-ensure-sk-dst-is-still-valid.patch new file mode 100644 index 000000000..85abb3031 --- /dev/null +++ b/debian/patches/bugfix/all/l2tp-ensure-sk-dst-is-still-valid.patch @@ -0,0 +1,38 @@ +From: Florian Westphal +Date: Fri, 25 Nov 2011 06:47:16 +0000 +Subject: [PATCH] l2tp: ensure sk->dst is still valid + +commit 71b1391a41289735676be02e35239e5aa9fe6ba6 upstream. + +When using l2tp over ipsec, the tunnel will hang when rekeying +occurs. Reason is that the transformer bundle attached to the dst entry +is now in STATE_DEAD and thus xfrm_output_one() drops all packets +(XfrmOutStateExpired increases). + +Fix this by calling __sk_dst_check (which drops the stale dst +if xfrm dst->check callback finds that the bundle is no longer valid). + +Cc: James Chapman +Signed-off-by: Florian Westphal +Acked-by: Eric Dumazet +Signed-off-by: David S. Miller +--- + net/l2tp/l2tp_core.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c +index cf0f308..89ff8c6 100644 +--- a/net/l2tp/l2tp_core.c ++++ b/net/l2tp/l2tp_core.c +@@ -1072,7 +1072,7 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len + + /* Get routing info from the tunnel socket */ + skb_dst_drop(skb); +- skb_dst_set(skb, dst_clone(__sk_dst_get(sk))); ++ skb_dst_set(skb, dst_clone(__sk_dst_check(sk, 0))); + + inet = inet_sk(sk); + fl = &inet->cork.fl; +-- +1.7.7.3 + diff --git a/debian/patches/series/base b/debian/patches/series/base index a47e57497..86a3ad2d8 100644 --- a/debian/patches/series/base +++ b/debian/patches/series/base @@ -92,3 +92,4 @@ + bugfix/all/bridge-provide-a-mtu-method-for-fake_dst_ops.patch + bugfix/all/net-introduce-DST_NOPEER-dst-flag.patch + bugfix/all/rtc-Fix-alarm-rollover-when-day-or-month-is-out-of-r.patch ++ bugfix/all/l2tp-ensure-sk-dst-is-still-valid.patch