xfrm4: Invalidate all ipv4 routes on IPsec pmtu events

On IPsec pmtu events we can't access the transport headers of the original packet, so we can't find the socket that sent the packet. The only chance to notify the socket about the pmtu change is to force a relookup for all routes. This patch implenents this for the IPsec protocols. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
author: Steffen Klassert <steffen.klassert@secunet.com> 2013-01-15 12:38:53 (GMT)
committer: Steffen Klassert <steffen.klassert@secunet.com> 2013-01-21 11:43:54 (GMT)
commit: 05ab86c55683410593720003442dde629782aaac (patch)
tree: 9a35cdd3157094965e54e63fcc58af4f1e07bb35 /net/ipv4/esp4.c
parent: 5b653b2a1c3b5634368fde2df958a1398481e580 (diff)
download: linux-05ab86c55683410593720003442dde629782aaac.tar.xz
1 files changed, 5 insertions, 2 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index fd26ff4..3b4f0cd 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -502,9 +502,12 @@ static void esp4_err(struct sk_buff *skb, u32 info)
 	if (!x)
 		return;
 
-	if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH)
+	if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH) {
+		atomic_inc(&flow_cache_genid);
+		rt_genid_bump(net);
+
 		ipv4_update_pmtu(skb, net, info, 0, 0, IPPROTO_ESP, 0);
-	else
+	} else
 		ipv4_redirect(skb, net, 0, 0, IPPROTO_ESP, 0);
 	xfrm_state_put(x);
 }
author	Steffen Klassert <steffen.klassert@secunet.com>	2013-01-15 12:38:53 (GMT)
committer	Steffen Klassert <steffen.klassert@secunet.com>	2013-01-21 11:43:54 (GMT)
commit	05ab86c55683410593720003442dde629782aaac (patch)
tree	9a35cdd3157094965e54e63fcc58af4f1e07bb35 /net/ipv4/esp4.c
parent	5b653b2a1c3b5634368fde2df958a1398481e580 (diff)
download	linux-05ab86c55683410593720003442dde629782aaac.tar.xz