[XFRM]: Fix crash introduced by struct dst_entry reordering

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

XFRM expects xfrm_dst->u.next to be same pointer as dst->next, which
was broken by the dst_entry reordering in commit 1e19e02c~, causing
an oops in xfrm_bundle_ok when walking the bundle upwards.

Kill xfrm_dst->u.next and change the only user to use dst->next instead.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Patrick McHardy and committed by

David S. Miller 18 years ago bd0bf076 16751347

+1 -2

2 changed files

expand all

include

net

xfrm.h

net

xfrm

xfrm_policy.c

-1

include/net/xfrm.h

··· 585 585 struct xfrm_dst 586 586 { 587 587 union { 588 - struct xfrm_dst *next; 589 588 struct dst_entry dst; 590 589 struct rtable rt; 591 590 struct rt6_info rt6;

+1 -1

net/xfrm/xfrm_policy.c

··· 2141 2141 if (last == first) 2142 2142 break; 2143 2143 2144 - last = last->u.next; 2144 + last = (struct xfrm_dst *)last->u.dst.next; 2145 2145 last->child_mtu_cached = mtu; 2146 2146 } 2147 2147