[Swan-dev] KLIPS crashes after kernel update

Roel van Meer roel.vanmeer at bokxing-it.nl
Fri Nov 1 10:20:28 EET 2013

Paul Wouters writes:

>> after upgrading from kernel 3.4.65 to 3.4.66 I experienced
>> crashes in the KLIPS function ipsec_xmit_ipip().

I'm also seeing crashes, which stopped after applying Thomas' change.

> Is that a linus kernel or a vendor kernel?

It's in Linus' tree:

Best regards,


>> I narrowed the problem down to an API change in the function
>> ip_select_ident().
>> Before:
>> static inline void ip_select_ident(struct iphdr *iph, struct dst_entry *dst,
>>        struct sock *sk)
>> After:
>> static inline void ip_select_ident(struct sk_buff *skb, struct dst_entry  
>> *dst,
>>        struct sock *sk)
>> This function is referencd in linux/include/libreswan/ipsec_param2.h.
>> After I changed the first parameter there, the crashes were gone.
> I have the "before" in our latest libreswan release 3.6. git log shows
> it was never the "after" code. It's always been:
> ipsec_param2.h:#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph,  
> skb_dst(skb), \
> Can you confirm which version of libreswan klips you are using?  Seeing
> that you CC:ed the openswan list, I think you might be using openswan,
> not libreswan.
> libreswan 3.6 should work fine up to kernel 3.11.
> Paul
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev

More information about the Swan-dev mailing list