ACK: [SRU][F/E/B/X][PATCH v2 0/2] ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets
Kleber Souza
kleber.souza at canonical.com
Thu Feb 13 17:38:27 UTC 2020
On 12.02.20 19:07, Kelsey Skunberg wrote:
> BugLink: https://bugs.launchpad.net/bugs/1860969
>
> SRU Justification:
>
> [Impact]
> Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET
> socket are dropped (no carrier).
>
> The bug exists since the beginning of each driver.
>
> [Fix]
> This has been fixed in v5.5 by the following upstream commits
> - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()")
> - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()")
>
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe
>
> Backport the requested patches to Eoan (5.3), Bionic (4.15) and
> Xenial (4.4).
>
> Patches have already been applied to 5.4 focal tree through upstream stable
> updates.
>
> [Testcase]
> Can be reproduced and tested with an AF_PACKET socket and python script which
> is included in both mentioned patches.
>
> [Risk of Regression]
> This patch affects only the cases described above (when no dst is attached
> to the skb), thus the risk should be low.
>
> Changes in v2:
> - organize SRU Justification information to be listed under proper
> catergories
> - limit lines to 80 characters
>
> Nicolas Dichtel (2):
> vti[6]: fix packet tx through bpf_redirect()
> xfrm interface: fix packet tx through bpf_redirect()
>
> net/ipv4/ip_vti.c | 13 +++++++++++--
> net/ipv6/ip6_vti.c | 13 +++++++++++--
> net/xfrm/xfrm_interface.c | 32 +++++++++++++++++++++++++-------
> 3 files changed, 47 insertions(+), 11 deletions(-)
>
Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
More information about the kernel-team
mailing list