[Swan-dev] KLIPS crashes after kernel update

Roel van Meer roel.vanmeer at bokxing-it.nl
Fri Nov 1 10:20:28 EET 2013


Paul Wouters writes:

>> after upgrading from kernel 3.4.65 to 3.4.66 I experienced
>> crashes in the KLIPS function ipsec_xmit_ipip().

I'm also seeing crashes, which stopped after applying Thomas' change.

> Is that a linus kernel or a vendor kernel?

It's in Linus' tree:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/include/net/ip.h?h=linux-3.10.y&id=68a9e707892caf0fda14656963fd99c6a1c10e46

Best regards,

Roel

>> I narrowed the problem down to an API change in the function
>> ip_select_ident().
>>
>> Before:
>> static inline void ip_select_ident(struct iphdr *iph, struct dst_entry *dst,
>>        struct sock *sk)
>>
>> After:
>> static inline void ip_select_ident(struct sk_buff *skb, struct dst_entry  
>> *dst,
>>        struct sock *sk)
>>
>> This function is referencd in linux/include/libreswan/ipsec_param2.h.
>>
>> After I changed the first parameter there, the crashes were gone.
>
> I have the "before" in our latest libreswan release 3.6. git log shows
> it was never the "after" code. It's always been:
>
> ipsec_param2.h:#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph,  
> skb_dst(skb), \
>
> Can you confirm which version of libreswan klips you are using?  Seeing
> that you CC:ed the openswan list, I think you might be using openswan,
> not libreswan.
>
> libreswan 3.6 should work fine up to kernel 3.11.
>
> Paul
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev


More information about the Swan-dev mailing list