[XFRM]: State selection update to use inner addresses.

Linux Kernel Mailing List Tue, 31 Jul 2007 17:00:35 -0700

Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=48b8d78315bf2aef4b6b4fb41c2c94e0b6600234
Commit:     48b8d78315bf2aef4b6b4fb41c2c94e0b6600234
Parent:     196b003620f1ee8d0fc63f13f341187d63c1dc0a
Author:     Joakim Koskela <[EMAIL PROTECTED]>
AuthorDate: Thu Jul 26 00:08:42 2007 -0700
Committer:  David S. Miller <[EMAIL PROTECTED]>
CommitDate: Tue Jul 31 02:28:33 2007 -0700


    [XFRM]: State selection update to use inner addresses.
    
    This patch modifies the xfrm state selection logic to use the inner
    addresses where the outer have been (incorrectly) used. This is
    required for beet mode in general and interfamily setups in both
    tunnel and beet mode.
    
    Signed-off-by: Joakim Koskela <[EMAIL PROTECTED]>
    Signed-off-by: Herbert Xu     <[EMAIL PROTECTED]>
    Signed-off-by: Diego Beltrami <[EMAIL PROTECTED]>
    Signed-off-by: Miika Komu     <[EMAIL PROTECTED]>
    Acked-by: Patrick McHardy <[EMAIL PROTECTED]>
    Signed-off-by: David S. Miller <[EMAIL PROTECTED]>
---
 net/xfrm/xfrm_policy.c |    3 ++-
 net/xfrm/xfrm_state.c  |    4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index c3a4b0a..95a4730 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1299,7 +1299,8 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, struct 
flowi *fl,
                xfrm_address_t *local  = saddr;
                struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i];
 
-               if (tmpl->mode == XFRM_MODE_TUNNEL) {
+               if (tmpl->mode == XFRM_MODE_TUNNEL ||
+                   tmpl->mode == XFRM_MODE_BEET) {
                        remote = &tmpl->id.daddr;
                        local = &tmpl->saddr;
                        family = tmpl->encap_family;
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 38f90ca..31be405 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -611,7 +611,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t 
*saddr,
                              selector.
                         */
                        if (x->km.state == XFRM_STATE_VALID) {
-                               if (!xfrm_selector_match(&x->sel, fl, family) ||
+                               if (!xfrm_selector_match(&x->sel, fl, 
x->sel.family) ||
                                    !security_xfrm_state_pol_flow_match(x, pol, 
fl))
                                        continue;
                                if (!best ||
@@ -623,7 +623,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t 
*saddr,
                                acquire_in_progress = 1;
                        } else if (x->km.state == XFRM_STATE_ERROR ||
                                   x->km.state == XFRM_STATE_EXPIRED) {
-                               if (xfrm_selector_match(&x->sel, fl, family) &&
+                               if (xfrm_selector_match(&x->sel, fl, 
x->sel.family) &&
                                    security_xfrm_state_pol_flow_match(x, pol, 
fl))
                                        error = -ESRCH;
                        }
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[XFRM]: State selection update to use inner addresses.

Reply via email to