From mboxrd@z Thu Jan 1 00:00:00 1970 From: Benedict Wong Subject: [PATCH ipsec, resend 1/1] xfrm: Make set-mark default behavior backward compatible Date: Fri, 11 Jan 2019 12:14:12 -0800 Message-ID: <20190111201412.176246-2-benedictwong@google.com> References: <20190111201412.176246-1-benedictwong@google.com> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Cc: nharold@google.com, benedictwong@google.com, lorenzo@google.com, maze@google.com To: netdev@vger.kernel.org Return-path: Received: from mail-qk1-f202.google.com ([209.85.222.202]:37370 "EHLO mail-qk1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725767AbfAKWD5 (ORCPT ); Fri, 11 Jan 2019 17:03:57 -0500 Received: by mail-qk1-f202.google.com with SMTP id s70so10722404qks.4 for ; Fri, 11 Jan 2019 14:03:56 -0800 (PST) In-Reply-To: <20190111201412.176246-1-benedictwong@google.com> Sender: netdev-owner@vger.kernel.org List-ID: Fixes 9b42c1f179a6, which changed the default route lookup behavior for tunnel mode SAs in the outbound direction to use the skb mark, whereas previously mark=3D0 was used if the output mark was unspecified. In mark-based routing schemes such as Android=E2=80=99s, this change in defaul= t behavior causes routing loops or lookup failures. This patch restores the default behavior of using a 0 mark while still incorporating the skb mark if the SET_MARK (and SET_MARK_MASK) is specified. Tested with additions to Android's kernel unit test suite: https://android-review.googlesource.com/c/kernel/tests/+/860150 Fixes: 9b42c1f179a6 ("xfrm: Extend the output_mark to support input directi= on and masking") Signed-off-by: Benedict Wong --- net/xfrm/xfrm_policy.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 934492bad8e0..5f574ede1332 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -2600,7 +2600,10 @@ static struct dst_entry *xfrm_bundle_create(struct x= frm_policy *policy, dst_copy_metrics(dst1, dst); =20 if (xfrm[i]->props.mode !=3D XFRM_MODE_TRANSPORT) { - __u32 mark =3D xfrm_smark_get(fl->flowi_mark, xfrm[i]); + __u32 mark =3D 0; + + if (xfrm[i]->props.smark.v || xfrm[i]->props.smark.m) + mark =3D xfrm_smark_get(fl->flowi_mark, xfrm[i]); =20 family =3D xfrm[i]->props.family; dst =3D xfrm_dst_lookup(xfrm[i], tos, fl->flowi_oif, --=20 2.20.1.97.g81188d93c3-goog