CMNT: [SRU][F/E/B/X][PATCH 0/2] ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets

Sultan Alsawaf sultan.alsawaf at canonical.com
Wed Feb 12 17:28:42 UTC 2020 

On Mon, Feb 10, 2020 at 05:12:16PM -0800, Sultan Alsawaf wrote:
> On Mon, Feb 10, 2020 at 09:59:15AM -0700, Kelsey Skunberg wrote:
> > BugLink: https://bugs.launchpad.net/bugs/1860969
> > 
> > [SRU Justification]
> > 
> > [Impact]
> > 
> > Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier).
> > 
> > This has been fixed in v5.5 by the following upstream commits
> >  - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()")
> >  - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()")
> > 
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe
> > 
> > The bug exists since the beginning of each driver.
> > 
> > == Fix ==
> > 
> > Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and
> > Xenial (4.4).
> > 
> > == Risk of Regression ==
> > 
> > This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low.
> > 
> > Nicolas Dichtel (2):
> >   vti[6]: fix packet tx through bpf_redirect()
> >   xfrm interface: fix packet tx through bpf_redirect()
> > 
> >  net/ipv4/ip_vti.c         | 13 +++++++++++--
> >  net/ipv6/ip6_vti.c        | 13 +++++++++++--
> >  net/xfrm/xfrm_interface.c | 32 +++++++++++++++++++++++++-------
> >  3 files changed, 47 insertions(+), 11 deletions(-)
> > 
> > -- 
> > 2.20.1
> > 
> > 
> > -- 
> > kernel-team mailing list
> > kernel-team at lists.ubuntu.com
> > https://lists.ubuntu.com/mailman/listinfo/kernel-team
> 
> Could you clean up the cover letter? I know you copied it from the bug, which is
> fine, but it looks like the bug reporter is !Canonical and kinda botched the
> formatting (i.e., SRU justification is missing and it seems like some of the
> content is placed under the wrong header).
> 
> Please also wrap the cover letter text to 80 columns.
> 
> Thanks!
> Sultan

After consulting the almighty wiki[1], it looks like this is actually correct.

Carry on!

Sultan

[1] https://wiki.ubuntu.com/KernelTeam/KernelUpdates

More information about the kernel-team mailing list