Description of problem: xfrm_audit_log()is not called correctly and BUG() needs to be added to ensure some arguments are valid. When called in xfrm_get_policy() causes a kernel crash. A patch has been posted on netdev mailing list and is currently undergoing a review there. This problem exists in lspp kernel and upstream kernel.
Notes to self: http://marc.theaimsgroup.com/?l=linux-netdev&m=117132072022494&w=2 Going to need to revert patch # 21202 Name: linux-2.6-xfrm-audit-correct-xfrm-auditing-panic.patch To put this in.
Created attachment 148347 [details] LSPP.65 kernel patch for this issue. LSPP.65 kernel reveted the last fix for this problem and this patch should implement the upstream fix. Since the original problem is a panic we probably need to be sure to solicit the upstream testers who found the problem to specifically test with this patch.
I need to post this for a RHEL5 update. It is upstream and has been verified as still working in the LSPP kernels.
Tested xfrm_get_policy in LSPP kernel using a test program and appears ok.
This request was evaluated by Red Hat Kernel Team for inclusion in a Red Hat Enterprise Linux maintenance release, and has moved to bugzilla status POST.
in 2.6.18-16.el5
A fix for this issue should have been included in the packages contained in the RHEL5.1-Snapshot3 on partners.redhat.com. Requested action: Please verify that your issue is fixed as soon as possible to ensure that it is included in this update release. After you (Red Hat Partner) have verified that this issue has been addressed, please perform the following: 1) Change the *status* of this bug to VERIFIED. 2) Add *keyword* of PartnerVerified (leaving the existing keywords unmodified) If this issue is not fixed, please add a comment describing the most recent symptoms of the problem you are having and change the status of the bug to FAILS_QA. More assistance: If you cannot access bugzilla, please reply with a message to Issue Tracker and I will change the status for you. If you need assistance accessing ftp://partners.redhat.com, please contact your Partner Manager.
Verified that this is fixed.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-0959.html