[SRU][F/E/B/X][PATCH v2 0/2] ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets
Kelsey Skunberg
kelsey.skunberg at canonical.com
Wed Feb 12 18:07:27 UTC 2020
BugLink: https://bugs.launchpad.net/bugs/1860969
SRU Justification:
[Impact]
Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET
socket are dropped (no carrier).
The bug exists since the beginning of each driver.
[Fix]
This has been fixed in v5.5 by the following upstream commits
- 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()")
- f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe
Backport the requested patches to Eoan (5.3), Bionic (4.15) and
Xenial (4.4).
Patches have already been applied to 5.4 focal tree through upstream stable
updates.
[Testcase]
Can be reproduced and tested with an AF_PACKET socket and python script which
is included in both mentioned patches.
[Risk of Regression]
This patch affects only the cases described above (when no dst is attached
to the skb), thus the risk should be low.
Changes in v2:
- organize SRU Justification information to be listed under proper
catergories
- limit lines to 80 characters
Nicolas Dichtel (2):
vti[6]: fix packet tx through bpf_redirect()
xfrm interface: fix packet tx through bpf_redirect()
net/ipv4/ip_vti.c | 13 +++++++++++--
net/ipv6/ip6_vti.c | 13 +++++++++++--
net/xfrm/xfrm_interface.c | 32 +++++++++++++++++++++++++-------
3 files changed, 47 insertions(+), 11 deletions(-)
--
2.20.1
More information about the kernel-team
mailing list