There is another bug in xfrm_bundle_ok where I forgot to
check the validity of xdst->route.  In fact, the check
on dst->path isn't strong enough either.  For IPv6 entries,
dst->path->obsolete is always negative until you call
ipv6_dst_check.  So we really need to do that here.

Here's the patch to fix those two problems.  Yes I know
my dst_check implementation is lame.  I'll come back and
fix up all the dst_check functions by moving their dst_release
calls out.  It proves that you were right in that IPv6 dst
leak thread :)
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>