42cf93cd46
The bridge-netfilter code attaches a fake dst_entry with dst->ops == NULL to purely bridged packets. When these packets are SNATed and a policy lookup is done, xfrm_lookup crashes because it tries to dereference dst->ops. Change xfrm_lookup not to dereference dst->ops before checking for the DST_NOXFRM flag and set this flag in the fake dst_entry. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
---|---|---|
.. | ||
netfilter | ||
br_device.c | ||
br_fdb.c | ||
br_forward.c | ||
br_if.c | ||
br_input.c | ||
br_ioctl.c | ||
br_netfilter.c | ||
br_notify.c | ||
br_private_stp.h | ||
br_private.h | ||
br_stp_bpdu.c | ||
br_stp_if.c | ||
br_stp_timer.c | ||
br_stp.c | ||
br_sysfs_br.c | ||
br_sysfs_if.c | ||
br.c | ||
Kconfig | ||
Makefile |