[3.11.y.z extended stable] Patch "xfrm: Release dst if this dst is improper for vti tunnel" has been added to staging queue

Wed Dec 11 14:40:10 UTC 2013

This is a note to let you know that I have just added a patch titled

    xfrm: Release dst if this dst is improper for vti tunnel

to the linux-3.11.y-queue branch of the 3.11.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.11.y-queue

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.11.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 197183f1558c2111b1cf676f5d32b76dd29feb0a Mon Sep 17 00:00:00 2001
From: "fan.du" <fan.du at windriver.com>
Date: Tue, 19 Nov 2013 16:53:28 +0800
Subject: xfrm: Release dst if this dst is improper for vti tunnel

commit 236c9f84868534c718b6889aa624de64763281f9 upstream.

After searching rt by the vti tunnel dst/src parameter,
if this rt has neither attached to any transformation
nor the transformation is not tunnel oriented, this rt
should be released back to ip layer.

otherwise causing dst memory leakage.

Signed-off-by: Fan Du <fan.du at windriver.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 net/ipv4/ip_vti.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 0656041..feb19db 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -350,6 +350,7 @@ static netdev_tx_t vti_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 	if (!rt->dst.xfrm ||
 	    rt->dst.xfrm->props.mode != XFRM_MODE_TUNNEL) {
 		dev->stats.tx_carrier_errors++;
+		ip_rt_put(rt);
 		goto tx_error_icmp;
 	}
 	tdev = rt->dst.dev;
--
1.8.3.2



