1. 20 Feb, 2006 4 commits
    • Patrick McHardy's avatar
      [NETFILTER]: Fix outgoing redirects to loopback · 8e249f08
      Patrick McHardy authored
      When redirecting an outgoing packet to loopback, it keeps the original
      conntrack reference and information from the outgoing path, which
      falsely triggers the check for DNAT on input and the dst_entry is
      released to trigger rerouting. ip_route_input refuses to route the
      packet because it has a local source address and it is dropped.
      
      Look at the packet itself to dermine if it was NATed. Also fix a
      missing inversion that causes unneccesary xfrm lookups.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8e249f08
    • Jean Tourrilhes's avatar
      [IRDA]: irda-usb bug fixes · 669d32a2
      Jean Tourrilhes authored
      This patch fixes 2 bugs in the USB-IrDA code.
      
      The first one is a buffer overrun in the RX path. We are now using
      IRDA_SKB_MAX_MTU when initializing the Rx URB.
      
      The second one is a potential stack recursion when unplugging the USB
      dongle.  It seems that first we get the Rx URB with a generic error
      code, and after a while the Rx URB comes again with a "disconnect"
      error code.  Since we are resubmitting the Rx URB immediately after
      receiving the first error one, we might enter an endless loop.
      
      When getting an error Rx URB, the patch defers the Rx URB resubmitting
      so that it gives us a chance to catch the disconnect one, in case the
      dongle has juts been unplugged.
      
      Tested against 2.6.16-rc2.
      
      Patch from Jean Tourrilhes
      Signed-off-by: default avatarJean Tourrilhes <jt@hpl.hp.com>
      Signed-off-by: default avatarSamuel Ortiz <samuel.ortiz@nokia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      669d32a2
    • Patrick McHardy's avatar
      [NETFILTER]: Fix NAT PMTUD problems · bc6e14b6
      Patrick McHardy authored
      ICMP errors are only SNATed when their source matches the source of the
      connection they are related to, otherwise the source address is not
      changed. This creates problems with ICMP frag. required messages
      originating from a router behind the NAT, if private IPs are used the
      packet has a good change of getting dropped on the path to its destination.
      
      Always NAT ICMP errors similar to the original connection.
      
      Based on report by Al Viro.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bc6e14b6
    • Patrick McHardy's avatar
      [XFRM]: Fix policy double put · 99511014
      Patrick McHardy authored
      The policy is put once immediately and once at the error label, which results
      in the following Oops:
      
      kernel BUG at net/xfrm/xfrm_policy.c:250!
      invalid opcode: 0000 [#2]
      PREEMPT
      [...]
      CPU:    0
      EIP:    0060:[<c028caf7>]    Not tainted VLI
      EFLAGS: 00210246   (2.6.16-rc3 #39)
      EIP is at __xfrm_policy_destroy+0xf/0x46
      eax: d49f2000   ebx: d49f2000   ecx: f74bd880   edx: f74bd280
      esi: d49f2000   edi: 00000001   ebp: cd506dcc   esp: cd506dc8
      ds: 007b   es: 007b   ss: 0068
      Process ssh (pid: 31970, threadinfo=cd506000 task=cfb04a70)
      Stack: <0>cd506000 cd506e34 c028e92b ebde7280 cd506e58 cd506ec0 f74bd280 00000000
             00000214 0000000a 0000000a 00000000 00000002 f7ae6000 00000000 cd506e58
             cd506e14 c0299e36 f74bd280 e873fe00 c02943fd cd506ec0 ebde7280 f271f440
      Call Trace:
       [<c0103a44>] show_stack_log_lvl+0xaa/0xb5
       [<c0103b75>] show_registers+0x126/0x18c
       [<c0103e68>] die+0x14e/0x1db
       [<c02b6809>] do_trap+0x7c/0x96
       [<c0104237>] do_invalid_op+0x89/0x93
       [<c01035af>] error_code+0x4f/0x54
       [<c028e92b>] xfrm_lookup+0x349/0x3c2
       [<c02b0b0d>] ip6_datagram_connect+0x317/0x452
       [<c0281749>] inet_dgram_connect+0x49/0x54
       [<c02404d2>] sys_connect+0x51/0x68
       [<c0240928>] sys_socketcall+0x6f/0x166
       [<c0102aa1>] syscall_call+0x7/0xb
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      99511014
  2. 17 Feb, 2006 36 commits