Steve Hill wrote:
> This was a configuration mistake on my part and admittedly it shouldn't 
> work properly - however, it triggered a kernel bug: sending a packet 
> with the DF flag set which will grow to be > the MTU when encrypted 
> causes the kernel to generate an ICMP Frag Needed packet, which got 
> caught by the policy and this triggered the kernel to lock up hard.

Thanks for tracking this down, we need to unlock the state before
calling icmp_send(). This patch fixes it, it should apply to 2.6.10
if you replace dst_mtu() by dst_pmtu() in the context.