ACK: [SRU][F/E/B/X][PATCH v2 0/2] ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets

Kleber Souza kleber.souza at canonical.com
Thu Feb 13 17:38:27 UTC 2020


On 12.02.20 19:07, Kelsey Skunberg wrote:
> BugLink: https://bugs.launchpad.net/bugs/1860969
> 
> SRU Justification:
> 
> [Impact]
> Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET
> socket are dropped (no carrier). 
> 
> The bug exists since the beginning of each driver.
> 
> [Fix]
> This has been fixed in v5.5 by the following upstream commits
>  - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()")
>  - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()")
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe
> 
> Backport the requested patches to Eoan (5.3), Bionic (4.15) and
> Xenial (4.4).
> 
> Patches have already been applied to 5.4 focal tree through upstream stable
> updates.
> 
> [Testcase]
> Can be reproduced and tested with an AF_PACKET socket and python script which
> is included in both mentioned patches.
> 
> [Risk of Regression]
> This patch affects only the cases described above (when no dst is attached
> to the skb), thus the risk should be low.
> 
> Changes in v2:
>   - organize SRU Justification information to be listed under proper
>     catergories 
>   - limit lines to 80 characters 
> 
> Nicolas Dichtel (2):
>   vti[6]: fix packet tx through bpf_redirect()
>   xfrm interface: fix packet tx through bpf_redirect()
> 
>  net/ipv4/ip_vti.c         | 13 +++++++++++--
>  net/ipv6/ip6_vti.c        | 13 +++++++++++--
>  net/xfrm/xfrm_interface.c | 32 +++++++++++++++++++++++++-------
>  3 files changed, 47 insertions(+), 11 deletions(-)
> 

Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>



More information about the kernel-team mailing list