Commit 1095a185 authored by Natanael Copa's avatar Natanael Copa

main/linux-grsec: Fix NOARP behaviour on NBMA mGRE tunnels

parent c1489591
......@@ -4,7 +4,7 @@ _flavor=grsec
pkgname=linux-${_flavor}
pkgver=2.6.32.9
_kernver=2.6.32
pkgrel=0
pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
......@@ -15,6 +15,8 @@ install=
source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
grsecurity-2.1.14-2.6.32.9-201002231820.patch
ip_gre.patch
arp.patch
kernelconfig.x86
"
subpackages="$pkgname-dev linux-firmware:firmware"
......@@ -121,4 +123,6 @@ firmware() {
md5sums="260551284ac224c3a43c4adac7df4879 linux-2.6.32.tar.bz2
7f615dd3b4a3b19fb86e479996a2deb5 patch-2.6.32.9.bz2
7da77829d4d994498218c412caed1db8 grsecurity-2.1.14-2.6.32.9-201002231820.patch
3ef822f3a2723b9a80c3f12954457225 ip_gre.patch
4c39a161d918e7f274292ecfd168b891 arp.patch
782074af6a1f1b1b1c9a33f5ac1b42bf kernelconfig.x86"
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index c95cd93..71ab56f 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -1200,6 +1200,9 @@ static int arp_netdev_event(struct notifier_block *this, unsigned long event, vo
neigh_changeaddr(&arp_tbl, dev);
rt_cache_flush(dev_net(dev), 0);
break;
+ case NETDEV_CHANGE:
+ neigh_changeaddr(&arp_tbl, dev);
+ break;
default:
break;
}
--- a/net/ipv4/ip_gre.c.orig
+++ b/net/ipv4/ip_gre.c
@@ -1137,11 +1137,8 @@
if (saddr)
memcpy(&iph->saddr, saddr, 4);
-
- if (daddr) {
+ if (daddr)
memcpy(&iph->daddr, daddr, 4);
- return t->hlen;
- }
if (iph->daddr && !ipv4_is_multicast(iph->daddr))
return t->hlen;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment