xfrm4: Invalidate all ipv4 routes on IPsec pmtu events

On IPsec pmtu events we can't access the transport headers of the original packet, so we can't find the socket that sent the packet. The only chance to notify the socket about the pmtu change is to force a relookup for all routes. This patch implenents this for the IPsec protocols. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
author: Steffen Klassert <steffen.klassert@secunet.com> 2013-01-15 13:38:53 +0100
committer: Steffen Klassert <steffen.klassert@secunet.com> 2013-01-21 12:43:54 +0100
commit: 05ab86c55683410593720003442dde629782aaac (patch)
tree: 9a35cdd3157094965e54e63fcc58af4f1e07bb35 /net/ipv4/ah4.c
parent: 5b653b2a1c3b5634368fde2df958a1398481e580 (diff)
download: linux-05ab86c55683410593720003442dde629782aaac.tar.bz2
1 files changed, 5 insertions, 2 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index a154d0a08c79..a69b4e4a02b5 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -420,9 +420,12 @@ static void ah4_err(struct sk_buff *skb, u32 info)
 	if (!x)
 		return;
 
-	if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH)
+	if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH) {
+		atomic_inc(&flow_cache_genid);
+		rt_genid_bump(net);
+
 		ipv4_update_pmtu(skb, net, info, 0, 0, IPPROTO_AH, 0);
-	else
+	} else
 		ipv4_redirect(skb, net, 0, 0, IPPROTO_AH, 0);
 	xfrm_state_put(x);
 }
author	Steffen Klassert <steffen.klassert@secunet.com>	2013-01-15 13:38:53 +0100
committer	Steffen Klassert <steffen.klassert@secunet.com>	2013-01-21 12:43:54 +0100
commit	05ab86c55683410593720003442dde629782aaac (patch)
tree	9a35cdd3157094965e54e63fcc58af4f1e07bb35 /net/ipv4/ah4.c
parent	5b653b2a1c3b5634368fde2df958a1398481e580 (diff)
download	linux-05ab86c55683410593720003442dde629782aaac.tar.bz2