[Swan-dev] KLIPS crashes after kernel update
Roel van Meer
roel.vanmeer at bokxing-it.nl
Fri Nov 1 10:20:28 EET 2013
Paul Wouters writes:
>> after upgrading from kernel 3.4.65 to 3.4.66 I experienced
>> crashes in the KLIPS function ipsec_xmit_ipip().
I'm also seeing crashes, which stopped after applying Thomas' change.
> Is that a linus kernel or a vendor kernel?
It's in Linus' tree:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/include/net/ip.h?h=linux-3.10.y&id=68a9e707892caf0fda14656963fd99c6a1c10e46
Best regards,
Roel
>> I narrowed the problem down to an API change in the function
>> ip_select_ident().
>>
>> Before:
>> static inline void ip_select_ident(struct iphdr *iph, struct dst_entry *dst,
>> struct sock *sk)
>>
>> After:
>> static inline void ip_select_ident(struct sk_buff *skb, struct dst_entry
>> *dst,
>> struct sock *sk)
>>
>> This function is referencd in linux/include/libreswan/ipsec_param2.h.
>>
>> After I changed the first parameter there, the crashes were gone.
>
> I have the "before" in our latest libreswan release 3.6. git log shows
> it was never the "after" code. It's always been:
>
> ipsec_param2.h:#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph,
> skb_dst(skb), \
>
> Can you confirm which version of libreswan klips you are using? Seeing
> that you CC:ed the openswan list, I think you might be using openswan,
> not libreswan.
>
> libreswan 3.6 should work fine up to kernel 3.11.
>
> Paul
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev
mailing list