public inbox for netdev@vger.kernel.org
 help / color / mirror / Atom feed
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: netdev@vger.kernel.org
Cc: steffen.klassert@secunet.com
Subject: [PATCH ipsec 3/3] xfrm: choose protocol family by skb protocol
Date: Sat, 17 Aug 2013 19:51:37 +0200	[thread overview]
Message-ID: <20130817175137.GA7088@order.stressinduktion.org> (raw)

We need to choose the protocol family by skb->protocol. Otherwise we
call the wrong xfrm{4,6}_local_error handler in case an ipv6 sockets is
used in ipv4 mode, in which case we should call down to xfrm4_local_error
(ip6 sockets are a superset of ip4 ones).

We are called before before ip_output functions, so skb->protocol is
not reset.

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
---

This patch is based on Steffen Klassert's ipsec tree. 

 include/net/xfrm.h     |  4 ++--
 net/xfrm/xfrm_output.c | 10 +++++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index b41d2d1..ac5b025 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1728,9 +1728,9 @@ static inline int xfrm_skb_dst_mtu(struct sk_buff *skb)
 {
 	struct sock *sk = skb->sk;
 
-	if (sk && sk->sk_family == AF_INET6)
+	if (sk && skb->protocol == htons(ETH_P_IPV6))
 		return ip6_skb_dst_mtu(skb);
-	else if (sk && sk->sk_family == AF_INET)
+	else if (sk && skb->protocol == htons(ETH_P_IP))
 		return ip_skb_dst_mtu(skb);
 	return dst_mtu(skb_dst(skb));
 }
diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
index 6f5fc61..3bb2cdc 100644
--- a/net/xfrm/xfrm_output.c
+++ b/net/xfrm/xfrm_output.c
@@ -216,9 +216,17 @@ int xfrm_inner_extract_output(struct xfrm_state *x, struct sk_buff *skb)
 
 void xfrm_local_error(struct sk_buff *skb, int mtu)
 {
+	unsigned int proto;
 	struct xfrm_state_afinfo *afinfo;
 
-	afinfo = xfrm_state_get_afinfo(skb->sk->sk_family);
+	if (skb->protocol == htons(ETH_P_IP))
+		proto = AF_INET;
+	else if (skb->protocol == htons(ETH_P_IPV6))
+		proto = AF_INET6;
+	else
+		return;
+
+	afinfo = xfrm_state_get_afinfo(proto);
 	if (!afinfo)
 		return;
 
-- 
1.8.3.1

             reply	other threads:[~2013-08-17 17:51 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-08-17 17:51 Hannes Frederic Sowa [this message]
2013-08-17 19:04 ` [PATCH ipsec 3/3] xfrm: choose protocol family by skb protocol Eric Dumazet

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130817175137.GA7088@order.stressinduktion.org \
    --to=hannes@stressinduktion.org \
    --cc=netdev@vger.kernel.org \
    --cc=steffen.klassert@secunet.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox