From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 20 Oct 2005 20:32:28 +0400 
From: Sergey Vlasov To: ALT Linux kernel packages development Subject: Re: [d-kernel] I: Oops =?koi8-r?B?zsEgMi40?= =?koi8-r?Q?=2E26-std-smp-alt12_=D7?= transaction.c (ext3) Message-ID: <20051020163228.GC9744@master.mivlgu.local> References: <20051020075617.GF13373@immo.ru> <20051020132203.GG13373@immo.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="O3RTKUHj+75w1tg5" Content-Disposition: inline In-Reply-To: <20051020132203.GG13373@immo.ru> X-BeenThere: devel-kernel@lists.altlinux.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ALT Linux kernel packages development List-Id: ALT Linux kernel packages development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2005 16:32:46 -0000 Archived-At: List-Archive: List-Post: --O3RTKUHj+75w1tg5 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 20, 2005 at 05:22:03PM +0400, Alexey I. Froloff wrote: > * Alexey I. Froloff [051020 11:59]: > > =F0=C1=D2=D5 =CD=C5=D3=D1=C3=C5=D7 =CE=C1=DA=C1=C4 =D0=C9=D3=C1=CC =D3= =C0=C4=C1 =D0=D2=CF =D3=D7=CF=CA Oops. =EE=C1 IRC vsu@ =CD=CE=C5 > > =D0=CF=D3=CF=D7=C5=D4=CF=D7=C1=CC =D0=C5=D2=C5=D3=CF=C2=D2=C1=D4=D8 =D1= =C4=D2=CF =D3 DEBUG_STACKOVERFLOW, =CC=CF=C7 =D7 =C1=D4=D4=C1=DE=C5. =F0=CF=C8=CF=D6=C5, =D3=CF=D7=C5=D4 =C2=D9=CC =D7=D3=A3-=D4=C1=CB=C9 =D0=D2= =C1=D7=C9=CC=D8=CE=D9=CD (=C1 DEBUG_STACKOVERFLOW, =D7=CF=DA=CD=CF=D6=CE=CF, =D3=D4=CF=C9=D4 =D7=CB=CC=C0=DE=C1=D4=D8 =D0=CF =D5=CD=CF=CC=DE=C1=CE=C9=C0= - =D0=D2=C9 =DC=D4=CF=CD =C4=CF=C2=C1=D7=CC=D1=C5=D4=D3=D1 =D4=CF=CC=D8=CB= =CF =CF=C4=CE=C1 =D0=D2=CF=D7=C5=D2=CB=C1 =D7 do_IRQ()). > dmesg | ksymoops =D4=CF=D6=C5 =D7 =C1=D4=D4=C1=DE=C5. 
=EF=CB=C1=DA=D9=D7=C1=C5=D4=D3=D1, =C6=D5=CE=CB=C3=C9=D1 ipsec_tunnel_start= _xmit() =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4 =C4=CC=D1 =CC=CF=CB=C1=CC=D8=CE=D9=C8 =D0=C5=D2=C5=CD=C5=CE=CE=D9=C8 1212 =C2=C1=CA=D4 =D7 =D3=D4=C5=CB=C5. =E2= =C5=DA=CF=C2=D2=C1=DA=C9=C5. =F3=CC=C5=C4=D5=C0=DD=C9=CD =D0=C1=D4=DE=C5=CD =D5=C4=C1=CC=CF=D3=D8 =D3=CF= =CB=D2=C1=D4=C9=D4=D8 =DA=C1=D0=D2=CF=D3=D9 =DC=D4=CF=CA =C6=D5=CE=CB=C3=C9= =C9 =C4=CF 420 =C2=C1=CA=D4 (=C8=CF=D4=D1 =DC=D4=CF =D4=CF=D6=C5 =D3=CC=C9=DB=CB=CF=CD =CD=CE=CF=C7=CF). =F0=C1=D4= =DE =CE=C5 =D4=C5=D3=D4=C9=D2=CF=D7=C1=CC=D3=D1 =CE=C9=DE=C5=CD, =CB=D2=CF= =CD=C5 =CB=CF=CD=D0=C9=CC=D1=D4=CF=D2=C1. --- kernel-source-2.4.26/net/ipsec/ipsec_tunnel.c.ipsec_tunnel-stack 2005-0= 9-08 18:25:59 +0400 +++ kernel-source-2.4.26/net/ipsec/ipsec_tunnel.c 2005-10-20 20:19:08 +0400 @@ -592,10 +592,8 @@ ipsec_tunnel_start_xmit(struct sk_buff * int i; unsigned short sport,dport; =20 - struct sockaddr_encap matcher; /* eroute search key */ struct eroute *er; struct ipsec_sa *tdbp, *tdbq; /* Tunnel Descriptor Block pointers */ - char sa[SATOA_BUF]; size_t sa_len; int hard_header_stripped =3D 0; /* has the hard header been removed yet? = */ int hard_header_len =3D 0; @@ -613,7 +611,6 @@ ipsec_tunnel_start_xmit(struct sk_buff * #endif /* NET_21 */ int error =3D 0; uint32_t eroute_pid =3D 0; - struct ipsec_sa tdb; #ifdef CONFIG_IPSEC_ALG struct ipsec_alg_enc *ixt_e =3D NULL; struct ipsec_alg_auth *ixt_a =3D NULL; 
@@ -623,11 +620,30 @@ ipsec_tunnel_start_xmit(struct sk_buff * uint8_t natt_type =3D 0, natt_head =3D 0; uint16_t natt_sport =3D 0, natt_dport =3D 0; #endif + struct { + struct sockaddr_encap matcher; /* eroute search key */ + char sa[SATOA_BUF]; + struct ipsec_sa tdb; + struct sockaddr_in src, dst; +#ifdef CONFIG_IPSEC_DEBUG + char bufsrc[ADDRTOA_BUF], bufdst[ADDRTOA_BUF]; +#endif /* CONFIG_IPSEC_DEBUG */ + struct iphdr ipo; +#if defined(CONFIG_IPSEC_AUTH_HMAC_MD5) || defined(CONFIG_IPSEC_AUTH_HMAC_= SHA1) + union { +#ifdef CONFIG_IPSEC_AUTH_HMAC_MD5 + MD5_CTX md5; +#endif /* CONFIG_IPSEC_AUTH_HMAC_MD5 */ +#ifdef CONFIG_IPSEC_AUTH_HMAC_SHA1 + SHA1_CTX sha1; +#endif /* CONFIG_IPSEC_AUTH_HMAC_SHA1 */ + } tctx; + __u8 hash[AH_AMAX]; +#endif /* defined(CONFIG_IPSEC_AUTH_HMAC_MD5) || defined(CONFIG_IPSEC_AUTH= _HMAC_SHA1) */ + } *locals =3D 0; /* local variables too big for stack */ =20 dport=3Dsport=3D0; =20 - memset((char*)&tdb, 0, sizeof(struct ipsec_sa)); - /* * Return if there is nothing to do. (Does this ever happen?) XXX */ @@ -664,6 +680,18 @@ ipsec_tunnel_start_xmit(struct sk_buff * =20 stats =3D (struct net_device_stats *) &(prv->mystats); =20 + locals =3D kmalloc(sizeof(*locals), GFP_ATOMIC); + if (!locals) { + if (net_ratelimit()) + printk(KERN_WARNING "klips_debug:ipsec_tunnel_start_xmit: " + "Failed, tried to allocate %ld bytes for local variables.\n",=20 + (long)sizeof(*locals)); + stats->tx_dropped++; + goto cleanup; + } + + memset((char*)&locals->tdb, 0, sizeof(struct ipsec_sa)); + #ifdef NET_21 /* if skb was cloned (most likely due to a packet sniffer such as tcpdump being momentarily attached to the interface), make 
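Review bot: Only `locals->tdb` is cleared after the `kmalloc()` in the @@ -664 hunk, so `matcher`, `sa`, `src`, `dst`, `ipo`, `tctx` and `hash` start out holding whatever that heap block last contained. This matches the old on-stack behaviour, but `locals->matcher` is later passed to `ipsec_findroute()` as a search key after only some of its fields are assigned, and whether `extract_ports()` fills the rest is not visible here. Zeroing the whole block is simpler and removes the question: replace the tdb-only memset with `memset(locals, 0, sizeof(*locals));`. A one-line comment that the cleanup label relies on `locals->tdb.tdb_ident_s.data` and `locals->tdb.tdb_ident_d.data` being NULL from this point on would also help. The function body continues outside the hunk.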
@@ -780,13 +808,13 @@ ipsec_tunnel_start_xmit(struct sk_buff * /* * First things first -- look us up in the erouting tables. */ - matcher.sen_len =3D sizeof (struct sockaddr_encap); - matcher.sen_family =3D AF_ENCAP; - matcher.sen_type =3D SENT_IP4; - matcher.sen_ip_src.s_addr =3D iph->saddr; - matcher.sen_ip_dst.s_addr =3D iph->daddr; - matcher.sen_proto =3D iph->protocol; - extract_ports(iph, &matcher); + locals->matcher.sen_len =3D sizeof (struct sockaddr_encap); + locals->matcher.sen_family =3D AF_ENCAP; + locals->matcher.sen_type =3D SENT_IP4; + locals->matcher.sen_ip_src.s_addr =3D iph->saddr; + locals->matcher.sen_ip_dst.s_addr =3D iph->daddr; + locals->matcher.sen_proto =3D iph->protocol; + extract_ports(iph, &locals->matcher); =20 /* * The spinlock is to prevent any other process from accessing or deleting @@ -794,7 +822,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * */ spin_lock(&eroute_lock); =09 - er =3D ipsec_findroute(&matcher); + er =3D ipsec_findroute(&locals->matcher); =20 if(iph->protocol =3D=3D IPPROTO_UDP) { if(skb->sk) { 
@@ -877,12 +905,12 @@ ipsec_tunnel_start_xmit(struct sk_buff * || (outgoing_said.spi=3D=3Dhtonl(SPI_TRAPSUBNET)))) { int len; =09 - tdb.tdb_ident_s.type =3D er->er_ident_s.type; - tdb.tdb_ident_s.id =3D er->er_ident_s.id; - tdb.tdb_ident_s.len =3D er->er_ident_s.len; - if (tdb.tdb_ident_s.len) { - len =3D tdb.tdb_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb= _ident); - if ((tdb.tdb_ident_s.data =3D kmalloc(len, GFP_ATOMIC)) =3D=3D NULL) { + locals->tdb.tdb_ident_s.type =3D er->er_ident_s.type; + locals->tdb.tdb_ident_s.id =3D er->er_ident_s.id; + locals->tdb.tdb_ident_s.len =3D er->er_ident_s.len; + if (locals->tdb.tdb_ident_s.len) { + len =3D locals->tdb.tdb_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(str= uct sadb_ident); + if ((locals->tdb.tdb_ident_s.data =3D kmalloc(len, GFP_ATOMIC)) =3D=3D= NULL) { printk(KERN_WARNING "klips_debug:ipsec_tunnel_start_xmit: " "Failed, tried to allocate %d bytes for source ident.\n",=20 len); 
@@ -890,14 +918,14 @@ ipsec_tunnel_start_xmit(struct sk_buff * spin_unlock(&eroute_lock); goto cleanup; } - memcpy(tdb.tdb_ident_s.data, er->er_ident_s.data, len); + memcpy(locals->tdb.tdb_ident_s.data, er->er_ident_s.data, len); } - tdb.tdb_ident_d.type =3D er->er_ident_d.type; - tdb.tdb_ident_d.id =3D er->er_ident_d.id; - tdb.tdb_ident_d.len =3D er->er_ident_d.len; - if (tdb.tdb_ident_d.len) { - len =3D tdb.tdb_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb= _ident); - if ((tdb.tdb_ident_d.data =3D kmalloc(len, GFP_ATOMIC)) =3D=3D NULL) { + locals->tdb.tdb_ident_d.type =3D er->er_ident_d.type; + locals->tdb.tdb_ident_d.id =3D er->er_ident_d.id; + locals->tdb.tdb_ident_d.len =3D er->er_ident_d.len; + if (locals->tdb.tdb_ident_d.len) { + len =3D locals->tdb.tdb_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(str= uct sadb_ident); + if ((locals->tdb.tdb_ident_d.data =3D kmalloc(len, GFP_ATOMIC)) =3D=3D= NULL) { printk(KERN_WARNING "klips_debug:ipsec_tunnel_start_xmit: " "Failed, tried to allocate %d bytes for dest ident.\n",=20 len); @@ -905,7 +933,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * spin_unlock(&eroute_lock); goto cleanup; } - memcpy(tdb.tdb_ident_d.data, er->er_ident_d.data, len); + memcpy(locals->tdb.tdb_ident_d.data, er->er_ident_d.data, len); } } } 
@@ -970,24 +998,19 @@ ipsec_tunnel_start_xmit(struct sk_buff * case SPI_TRAP: case SPI_TRAPSUBNET: { - struct sockaddr_in src, dst; -#ifdef CONFIG_IPSEC_DEBUG - char bufsrc[ADDRTOA_BUF], bufdst[ADDRTOA_BUF]; -#endif /* CONFIG_IPSEC_DEBUG */ - =09 /* Signal all listening KMds with a PF_KEY ACQUIRE */ - tdb.tdb_said.proto =3D iph->protocol; - src.sin_family =3D AF_INET; - dst.sin_family =3D AF_INET; - src.sin_addr.s_addr =3D iph->saddr; - dst.sin_addr.s_addr =3D iph->daddr; - src.sin_port =3D=20 + locals->tdb.tdb_said.proto =3D iph->protocol; + locals->src.sin_family =3D AF_INET; + locals->dst.sin_family =3D AF_INET; + locals->src.sin_addr.s_addr =3D iph->saddr; + locals->dst.sin_addr.s_addr =3D iph->daddr; + locals->src.sin_port =3D=20 (iph->protocol =3D=3D IPPROTO_UDP ? ((struct udphdr*) (((caddr_t)iph) + (iph->ihl << 2)))->source : (iph->protocol =3D=3D IPPROTO_TCP ? ((struct tcphdr*)((caddr_t)iph + (iph->ihl << 2)))->source : 0)); - dst.sin_port =3D=20 + locals->dst.sin_port =3D=20 (iph->protocol =3D=3D IPPROTO_UDP ? ((struct udphdr*) (((caddr_t)iph) + (iph->ihl << 2)))->dest : (iph->protocol =3D=3D IPPROTO_TCP 
@@ -997,22 +1020,22 @@ ipsec_tunnel_start_xmit(struct sk_buff * i < sizeof(struct sockaddr_in) - offsetof(struct sockaddr_in, sin_zero); i++) { - src.sin_zero[i] =3D 0; - dst.sin_zero[i] =3D 0; + locals->src.sin_zero[i] =3D 0; + locals->dst.sin_zero[i] =3D 0; } =09 - tdb.tdb_addr_s =3D (struct sockaddr*)(&src); - tdb.tdb_addr_d =3D (struct sockaddr*)(&dst); + locals->tdb.tdb_addr_s =3D (struct sockaddr*)(&locals->src); + locals->tdb.tdb_addr_d =3D (struct sockaddr*)(&locals->dst); KLIPS_PRINT(debug_tunnel & DB_TN_XMIT, "klips_debug:ipsec_tunnel_start_xmit: " "SADB_ACQUIRE sent with src=3D%s:%d, dst=3D%s:%d, proto=3D%d.\n", - addrtoa(((struct sockaddr_in*)(tdb.tdb_addr_s))->sin_addr, 0, buf= src, sizeof(bufsrc)) <=3D ADDRTOA_BUF ? bufsrc : "BAD_ADDR", - ntohs(((struct sockaddr_in*)(tdb.tdb_addr_s))->sin_port), - addrtoa(((struct sockaddr_in*)(tdb.tdb_addr_d))->sin_addr, 0, buf= dst, sizeof(bufdst)) <=3D ADDRTOA_BUF ? bufdst : "BAD_ADDR", - ntohs(((struct sockaddr_in*)(tdb.tdb_addr_d))->sin_port), - tdb.tdb_said.proto); + addrtoa(((struct sockaddr_in*)(locals->tdb.tdb_addr_s))->sin_addr= , 0, locals->bufsrc, sizeof(locals->bufsrc)) <=3D ADDRTOA_BUF ? locals->buf= src : "BAD_ADDR", + ntohs(((struct sockaddr_in*)(locals->tdb.tdb_addr_s))->sin_port), + addrtoa(((struct sockaddr_in*)(locals->tdb.tdb_addr_d))->sin_addr= , 0, locals->bufdst, sizeof(locals->bufdst)) <=3D ADDRTOA_BUF ? locals->buf= dst : "BAD_ADDR", + ntohs(((struct sockaddr_in*)(locals->tdb.tdb_addr_d))->sin_port), + locals->tdb.tdb_said.proto); =09 - if (pfkey_acquire(&tdb) =3D=3D 0) { + if (pfkey_acquire(&locals->tdb) =3D=3D 0) { =09 if (outgoing_said.spi=3D=3Dhtonl(SPI_TRAPSUBNET)) { /* @@ -1022,7 +1045,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * * updating it. */ spin_lock(&eroute_lock); - er =3D ipsec_findroute(&matcher); + er =3D ipsec_findroute(&locals->matcher); if(er) { er->er_said.spi =3D htonl(SPI_HOLD); er->er_first =3D skb; 
@@ -1056,14 +1079,14 @@ ipsec_tunnel_start_xmit(struct sk_buff * spin_lock(&tdb_lock); =20 tdbp =3D ipsec_sa_getbyid(&outgoing_said); - sa_len =3D satoa(outgoing_said, 0, sa, SATOA_BUF); + sa_len =3D satoa(outgoing_said, 0, locals->sa, SATOA_BUF); =20 if (tdbp =3D=3D NULL) { spin_unlock(&tdb_lock); KLIPS_PRINT(debug_tunnel & DB_TN_XMIT, "klips_debug:ipsec_tunnel_start_xmit: " "no Tunnel Descriptor Block for SA%s: outgoing packet with no SA, = dropped.\n", - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); stats->tx_dropped++; goto cleanup; } @@ -1072,7 +1095,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "found Tunnel Descriptor Block -- SA:<%s%s%s> %s\n", IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); =09 /* * How much headroom do we need to be able to apply @@ -1080,9 +1103,9 @@ ipsec_tunnel_start_xmit(struct sk_buff * */ tdbq =3D tdbp; /* save the head of the tdb chain */ while (tdbp) { - sa_len =3D satoa(tdbp->tdb_said, 0, sa, SATOA_BUF); + sa_len =3D satoa(tdbp->tdb_said, 0, locals->sa, SATOA_BUF); if(sa_len =3D=3D 0) { - strcpy(sa, "(error)"); + strcpy(locals->sa, "(error)"); } =20 /* If it is in larval state, drop the packet, we cannot process yet. */ @@ -1091,7 +1114,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "TDB in larval state for SA:<%s%s%s> %s, cannot be used yet, drop= ping packet.\n", IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); spin_unlock(&tdb_lock); stats->tx_errors++; goto cleanup; @@ -1102,7 +1125,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "TDB in dead state for SA:<%s%s%s> %s, can no longer be used, dro= pping packet.\n", IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); spin_unlock(&tdb_lock); stats->tx_errors++; goto cleanup; 
@@ -1115,7 +1138,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "replay window counter rolled for SA:<%s%s%s> %s, packet dropped,= expiring SA.\n", IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); ipsec_sa_delchain(tdbp); spin_unlock(&tdb_lock); stats->tx_errors++; @@ -1135,13 +1158,13 @@ ipsec_tunnel_start_xmit(struct sk_buff * #endif =20 =20 - if(ipsec_lifetime_check(&tdbp->ips_life.ipl_bytes, "bytes", sa,=20 + if(ipsec_lifetime_check(&tdbp->ips_life.ipl_bytes, "bytes", locals->sa,= =20 ipsec_life_countbased, ipsec_outgoing, tdbp) =3D=3D ipsec_life_hardd= ied || - ipsec_lifetime_check(&tdbp->ips_life.ipl_addtime, "addtime",sa, + ipsec_lifetime_check(&tdbp->ips_life.ipl_addtime, "addtime",locals->= sa, ipsec_life_timebased, ipsec_outgoing, tdbp) =3D=3D ipsec_life_hardd= ied || - ipsec_lifetime_check(&tdbp->ips_life.ipl_usetime, "usetime",sa, + ipsec_lifetime_check(&tdbp->ips_life.ipl_usetime, "usetime",locals->= sa, ipsec_life_timebased, ipsec_outgoing, tdbp) =3D=3D ipsec_life_hardd= ied || - ipsec_lifetime_check(&tdbp->ips_life.ipl_packets, "packets",sa, + ipsec_lifetime_check(&tdbp->ips_life.ipl_packets, "packets",locals->= sa, ipsec_life_countbased, ipsec_outgoing, tdbp) =3D=3D ipsec_life_hardd= ied) { =09 ipsec_sa_delchain(tdbp); @@ -1156,7 +1179,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "calling room for <%s%s%s>, SA:%s\n",=20 IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); switch(tdbp->tdb_said.proto) { #ifdef CONFIG_IPSEC_AH case IPPROTO_AH: 
@@ -1552,31 +1575,19 @@ ipsec_tunnel_start_xmit(struct sk_buff * int authlen =3D 0, padlen =3D 0, i; #endif /* !CONFIG_IPSEC_ESP */ #ifdef CONFIG_IPSEC_AH - struct iphdr ipo; struct ah *ahp; #endif /* CONFIG_IPSEC_AH */ -#if defined(CONFIG_IPSEC_AUTH_HMAC_MD5) || defined(CONFIG_IPSEC_AUTH_HMAC_= SHA1) - union { -#ifdef CONFIG_IPSEC_AUTH_HMAC_MD5 - MD5_CTX md5; -#endif /* CONFIG_IPSEC_AUTH_HMAC_MD5 */ -#ifdef CONFIG_IPSEC_AUTH_HMAC_SHA1 - SHA1_CTX sha1; -#endif /* CONFIG_IPSEC_AUTH_HMAC_SHA1 */ - } tctx; - __u8 hash[AH_AMAX]; -#endif /* defined(CONFIG_IPSEC_AUTH_HMAC_MD5) || defined(CONFIG_IPSEC_AUTH= _HMAC_SHA1) */ int headroom =3D 0, tailroom =3D 0, ilen =3D 0, len =3D 0; unsigned char *dat; =09 iphlen =3D iph->ihl << 2; pyldsz =3D ntohs(iph->tot_len) - iphlen; - sa_len =3D satoa(tdbp->tdb_said, 0, sa, SATOA_BUF); + sa_len =3D satoa(tdbp->tdb_said, 0, locals->sa, SATOA_BUF); KLIPS_PRINT(debug_tunnel & DB_TN_OXFS, "klips_debug:ipsec_tunnel_start_xmit: " "calling output for <%s%s%s>, SA:%s\n",=20 IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); =09 switch(tdbp->tdb_said.proto) { #ifdef CONFIG_IPSEC_AH 
@@ -1799,38 +1810,38 @@ ipsec_tunnel_start_xmit(struct sk_buff * #ifdef CONFIG_IPSEC_AUTH_HMAC_MD5 case AH_MD5: dmp("espp", (char*)espp, len - iphlen - authlen); - tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->ictx; - dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, (caddr_t)espp, len - iphlen - authlen); - dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Final(hash, &tctx.md5); - dmp("ictx hash", (char*)&hash, sizeof(hash)); - tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->octx; - dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, hash, AHMD596_ALEN); - dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Final(hash, &tctx.md5); - dmp("octx hash", (char*)&hash, sizeof(hash)); - memcpy(&(dat[len - authlen]), hash, authlen); + locals->tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->ictx; + dmp("ictx", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Update(&locals->tctx.md5, (caddr_t)espp, len - iphlen - authlen); + dmp("ictx+dat", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Final(locals->hash, &locals->tctx.md5); + dmp("ictx hash", (char*)&locals->hash, sizeof(locals->hash)); + locals->tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->octx; + dmp("octx", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Update(&locals->tctx.md5, locals->hash, AHMD596_ALEN); + dmp("octx+hash", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Final(locals->hash, &locals->tctx.md5); + dmp("octx hash", (char*)&locals->hash, sizeof(locals->hash)); + memcpy(&(dat[len - authlen]), locals->hash, authlen); =20 /* paranoid */ - memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5)); - memset((caddr_t)hash, 0, sizeof(*hash)); + memset((caddr_t)&locals->tctx.md5, 0, sizeof(locals->tctx.md5)); + memset((caddr_t)locals->hash, 0, sizeof(*locals->hash)); break; #endif /* CONFIG_IPSEC_AUTH_HMAC_MD5 */ #ifdef CONFIG_IPSEC_AUTH_HMAC_SHA1 case AH_SHA: - tctx.sha1 =3D ((struct 
sha1_ctx*)(tdbp->tdb_key_a))->ictx; - SHA1Update(&tctx.sha1, (caddr_t)espp, len - iphlen - authlen); - SHA1Final(hash, &tctx.sha1); - tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->octx; - SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN); - SHA1Final(hash, &tctx.sha1); - memcpy(&(dat[len - authlen]), hash, authlen); + locals->tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->ictx; + SHA1Update(&locals->tctx.sha1, (caddr_t)espp, len - iphlen - authlen); + SHA1Final(locals->hash, &locals->tctx.sha1); + locals->tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->octx; + SHA1Update(&locals->tctx.sha1, locals->hash, AHSHA196_ALEN); + SHA1Final(locals->hash, &locals->tctx.sha1); + memcpy(&(dat[len - authlen]), locals->hash, authlen); =09 /* paranoid */ - memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1)); - memset((caddr_t)hash, 0, sizeof(*hash)); + memset((caddr_t)&locals->tctx.sha1, 0, sizeof(locals->tctx.sha1)); + memset((caddr_t)locals->hash, 0, sizeof(*locals->hash)); break; #endif /* CONFIG_IPSEC_AUTH_HMAC_SHA1 */ case AH_NONE: 
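Review bot: Both `/* paranoid */` blocks in this hunk clear the digest with `sizeof(*locals->hash)`, which is the size of a single `__u8`, so only the first byte of `locals->hash` is wiped. The AH branch in the @@ -1856 hunk uses `sizeof(locals->hash)` and clears the whole array. The old code had the same slip as `sizeof(*hash)`, but the buffer now sits in a kmalloc'ed block that is handed back to the allocator, so the remaining HMAC output bytes are left in freed memory. Use `memset((caddr_t)locals->hash, 0, sizeof(locals->hash));` in both the AH_MD5 and AH_SHA cases here.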
@@ -1856,59 +1867,59 @@ ipsec_tunnel_start_xmit(struct sk_buff * iph->protocol =3D IPPROTO_AH; dmp("ahp", (char*)ahp, sizeof(*ahp)); =09 - ipo =3D *iph; - ipo.tos =3D 0; - ipo.frag_off =3D 0; - ipo.ttl =3D 0; - ipo.check =3D 0; - dmp("ipo", (char*)&ipo, sizeof(ipo)); + locals->ipo =3D *iph; + locals->ipo.tos =3D 0; + locals->ipo.frag_off =3D 0; + locals->ipo.ttl =3D 0; + locals->ipo.check =3D 0; + dmp("ipo", (char*)&locals->ipo, sizeof(locals->ipo)); =09 switch(tdbp->tdb_authalg) { #ifdef CONFIG_IPSEC_AUTH_HMAC_MD5 case AH_MD5: - tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->ictx; - dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, (unsigned char *)&ipo, sizeof (struct iphdr)); - dmp("ictx+ipo", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, (unsigned char *)ahp, headroom - sizeof(ahp->ah_= data)); - dmp("ictx+ahp", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN); - dmp("ictx+zeroes", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, dat + iphlen + headroom, len - iphlen - headroo= m); - dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Final(hash, &tctx.md5); - dmp("ictx hash", (char*)&hash, sizeof(hash)); - tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->octx; - dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Update(&tctx.md5, hash, AHMD596_ALEN); - dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5)); - MD5Final(hash, &tctx.md5); - dmp("octx hash", (char*)&hash, sizeof(hash)); + locals->tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->ictx; + dmp("ictx", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Update(&locals->tctx.md5, (unsigned char *)&locals->ipo, sizeof (s= truct iphdr)); + dmp("ictx+ipo", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Update(&locals->tctx.md5, (unsigned char *)ahp, headroom - sizeof(= ahp->ah_data)); + dmp("ictx+ahp", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + 
MD5Update(&locals->tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN); + dmp("ictx+zeroes", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)= ); + MD5Update(&locals->tctx.md5, dat + iphlen + headroom, len - iphlen -= headroom); + dmp("ictx+dat", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Final(locals->hash, &locals->tctx.md5); + dmp("ictx hash", (char*)&locals->hash, sizeof(locals->hash)); + locals->tctx.md5 =3D ((struct md5_ctx*)(tdbp->tdb_key_a))->octx; + dmp("octx", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Update(&locals->tctx.md5, locals->hash, AHMD596_ALEN); + dmp("octx+hash", (char*)&locals->tctx.md5, sizeof(locals->tctx.md5)); + MD5Final(locals->hash, &locals->tctx.md5); + dmp("octx hash", (char*)&locals->hash, sizeof(locals->hash)); =09 - memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN); + memcpy(ahp->ah_data, locals->hash, AHHMAC_HASHLEN); =09 /* paranoid */ - memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5)); - memset((caddr_t)hash, 0, sizeof(hash)); + memset((caddr_t)&locals->tctx.md5, 0, sizeof(locals->tctx.md5)); + memset((caddr_t)locals->hash, 0, sizeof(locals->hash)); break; #endif /* CONFIG_IPSEC_AUTH_HMAC_MD5 */ #ifdef CONFIG_IPSEC_AUTH_HMAC_SHA1 case AH_SHA: - tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->ictx; - SHA1Update(&tctx.sha1, (unsigned char *)&ipo, sizeof (struct iphdr)); - SHA1Update(&tctx.sha1, (unsigned char *)ahp, headroom - sizeof(ahp->a= h_data)); - SHA1Update(&tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLEN); - SHA1Update(&tctx.sha1, dat + iphlen + headroom, len - iphlen - headr= oom); - SHA1Final(hash, &tctx.sha1); - tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->octx; - SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN); - SHA1Final(hash, &tctx.sha1); + locals->tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->ictx; + SHA1Update(&locals->tctx.sha1, (unsigned char *)&locals->ipo, sizeof = (struct iphdr)); + SHA1Update(&locals->tctx.sha1, (unsigned char *)ahp, headroom - sizeo= 
f(ahp->ah_data)); + SHA1Update(&locals->tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLE= N); + SHA1Update(&locals->tctx.sha1, dat + iphlen + headroom, len - iphlen= - headroom); + SHA1Final(locals->hash, &locals->tctx.sha1); + locals->tctx.sha1 =3D ((struct sha1_ctx*)(tdbp->tdb_key_a))->octx; + SHA1Update(&locals->tctx.sha1, locals->hash, AHSHA196_ALEN); + SHA1Final(locals->hash, &locals->tctx.sha1); =09 - memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN); + memcpy(ahp->ah_data, locals->hash, AHHMAC_HASHLEN); =09 /* paranoid */ - memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1)); - memset((caddr_t)hash, 0, sizeof(hash)); + memset((caddr_t)&locals->tctx.sha1, 0, sizeof(locals->tctx.sha1)); + memset((caddr_t)locals->hash, 0, sizeof(locals->hash)); break; #endif /* CONFIG_IPSEC_AUTH_HMAC_SHA1 */ default: @@ -2030,7 +2041,7 @@ ipsec_tunnel_start_xmit(struct sk_buff * "klips_debug:ipsec_tunnel_start_xmit: " "after <%s%s%s>, SA:%s:\n", IPS_XFORM_NAME(tdbp), - sa_len ? sa : " (error)"); + sa_len ? locals->sa : " (error)"); KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, iph); =09 tdbp->ips_life.ipl_bytes.ipl_count +=3D len; @@ -2054,13 +2065,13 @@ ipsec_tunnel_start_xmit(struct sk_buff * =20 spin_unlock(&tdb_lock); =20 - matcher.sen_ip_src.s_addr =3D iph->saddr; - matcher.sen_ip_dst.s_addr =3D iph->daddr; - matcher.sen_proto =3D iph->protocol; - extract_ports(iph, &matcher); + locals->matcher.sen_ip_src.s_addr =3D iph->saddr; + locals->matcher.sen_ip_dst.s_addr =3D iph->daddr; + locals->matcher.sen_proto =3D iph->protocol; + extract_ports(iph, &locals->matcher); =09 spin_lock(&eroute_lock); - er =3D ipsec_findroute(&matcher); + er =3D ipsec_findroute(&locals->matcher); if(er) { outgoing_said =3D er->er_said; eroute_pid =3D er->er_pid; 
@@ -2243,12 +2254,13 @@ ipsec_tunnel_start_xmit(struct sk_buff * if(oskb) { dev_kfree_skb(oskb, FREE_WRITE); } - if (tdb.tdb_ident_s.data) { - kfree(tdb.tdb_ident_s.data); + if (locals && locals->tdb.tdb_ident_s.data) { + kfree(locals->tdb.tdb_ident_s.data); } - if (tdb.tdb_ident_d.data) { - kfree(tdb.tdb_ident_d.data); + if (locals && locals->tdb.tdb_ident_d.data) { + kfree(locals->tdb.tdb_ident_d.data); } + kfree(locals); return 0; } =20 --O3RTKUHj+75w1tg5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFDV8acW82GfkQfsqIRAmYcAJ9ufVPnZbPPDt1v+sBI4149R3S5rwCfdP77 WFi+F2PcH4C3844auC6p2SQ= =7unI -----END PGP SIGNATURE----- --O3RTKUHj+75w1tg5--
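Review bot: `kfree(locals)` releases a block that held the HMAC working contexts copied from `tdbp->tdb_key_a` and the digest buffer, and the only scrubbing is in the per-algorithm `/* paranoid */` blocks that run after a completed transform. Whether any `goto cleanup` can occur between those copies and their memsets is not visible in the patch, so wiping `tctx` and `hash` at this label would cover every exit path. The three statements that each depend on `locals` being non-NULL would also read more clearly under a single `if (locals)`. The cleanup label and the start of the function are outside the hunk.

```c
	/* … unchanged: oskb release … */
	if (locals) {
		if (locals->tdb.tdb_ident_s.data) {
			kfree(locals->tdb.tdb_ident_s.data);
		}
		if (locals->tdb.tdb_ident_d.data) {
			kfree(locals->tdb.tdb_ident_d.data);
		}
#if defined(CONFIG_IPSEC_AUTH_HMAC_MD5) || defined(CONFIG_IPSEC_AUTH_HMAC_SHA1)
		/* scrub keyed state on every exit path before the block is reused */
		memset(&locals->tctx, 0, sizeof(locals->tctx));
		memset(locals->hash, 0, sizeof(locals->hash));
#endif
		kfree(locals);
	}
	return 0;
```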