* [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
@ 2024-03-15 14:35 Tobias Brunner
2024-03-15 14:55 ` David Ahern
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Tobias Brunner @ 2024-03-15 14:35 UTC (permalink / raw
To: David S. Miller, David Ahern; +Cc: netdev, Steffen Klassert, Herbert Xu
Since the referenced commit, the xfrm_inner_extract_output() function
uses the protocol field to determine the address family. So not setting
it for IPv4 raw sockets meant that such packets couldn't be tunneled via
IPsec anymore.
IPv6 raw sockets are not affected as they already set the protocol since
9c9c9ad5fae7 ("ipv6: set skb->protocol on tcp, raw and ip6_append_data
genereated skbs").
Fixes: f4796398f21b ("xfrm: Remove inner/outer modes from output path")
Signed-off-by: Tobias Brunner <tobias@strongswan.org>
---
net/ipv4/raw.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
index 42ac434cfcfa..322e389021c3 100644
--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -357,6 +357,7 @@ static int raw_send_hdrinc(struct sock *sk, struct flowi4 *fl4,
goto error;
skb_reserve(skb, hlen);
+ skb->protocol = htons(ETH_P_IP);
skb->priority = READ_ONCE(sk->sk_priority);
skb->mark = sockc->mark;
skb->tstamp = sockc->transmit_time;
--
2.34.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
2024-03-15 14:35 [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels Tobias Brunner
@ 2024-03-15 14:55 ` David Ahern
2024-03-19 9:43 ` Nicolas Dichtel
2024-03-19 12:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: David Ahern @ 2024-03-15 14:55 UTC (permalink / raw
To: Tobias Brunner, David S. Miller; +Cc: netdev, Steffen Klassert, Herbert Xu
On 3/15/24 8:35 AM, Tobias Brunner wrote:
> Since the referenced commit, the xfrm_inner_extract_output() function
> uses the protocol field to determine the address family. So not setting
> it for IPv4 raw sockets meant that such packets couldn't be tunneled via
> IPsec anymore.
>
> IPv6 raw sockets are not affected as they already set the protocol since
> 9c9c9ad5fae7 ("ipv6: set skb->protocol on tcp, raw and ip6_append_data
> genereated skbs").
>
> Fixes: f4796398f21b ("xfrm: Remove inner/outer modes from output path")
> Signed-off-by: Tobias Brunner <tobias@strongswan.org>
> ---
> net/ipv4/raw.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> index 42ac434cfcfa..322e389021c3 100644
> --- a/net/ipv4/raw.c
> +++ b/net/ipv4/raw.c
> @@ -357,6 +357,7 @@ static int raw_send_hdrinc(struct sock *sk, struct flowi4 *fl4,
> goto error;
> skb_reserve(skb, hlen);
>
> + skb->protocol = htons(ETH_P_IP);
> skb->priority = READ_ONCE(sk->sk_priority);
> skb->mark = sockc->mark;
> skb->tstamp = sockc->transmit_time;
Reviewed-by: David Ahern <dsahern@kernel.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
2024-03-15 14:35 [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels Tobias Brunner
2024-03-15 14:55 ` David Ahern
@ 2024-03-19 9:43 ` Nicolas Dichtel
2024-03-19 12:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: Nicolas Dichtel @ 2024-03-19 9:43 UTC (permalink / raw
To: Tobias Brunner, David S. Miller, David Ahern
Cc: netdev, Steffen Klassert, Herbert Xu
Le 15/03/2024 à 15:35, Tobias Brunner a écrit :
> Since the referenced commit, the xfrm_inner_extract_output() function
> uses the protocol field to determine the address family. So not setting
> it for IPv4 raw sockets meant that such packets couldn't be tunneled via
> IPsec anymore.
>
> IPv6 raw sockets are not affected as they already set the protocol since
> 9c9c9ad5fae7 ("ipv6: set skb->protocol on tcp, raw and ip6_append_data
> genereated skbs").
>
> Fixes: f4796398f21b ("xfrm: Remove inner/outer modes from output path")
> Signed-off-by: Tobias Brunner <tobias@strongswan.org>
Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
2024-03-15 14:35 [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels Tobias Brunner
2024-03-15 14:55 ` David Ahern
2024-03-19 9:43 ` Nicolas Dichtel
@ 2024-03-19 12:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: patchwork-bot+netdevbpf @ 2024-03-19 12:50 UTC (permalink / raw
To: Tobias Brunner; +Cc: davem, dsahern, netdev, steffen.klassert, herbert
Hello:
This patch was applied to netdev/net.git (main)
by Paolo Abeni <pabeni@redhat.com>:
On Fri, 15 Mar 2024 15:35:40 +0100 you wrote:
> Since the referenced commit, the xfrm_inner_extract_output() function
> uses the protocol field to determine the address family. So not setting
> it for IPv4 raw sockets meant that such packets couldn't be tunneled via
> IPsec anymore.
>
> IPv6 raw sockets are not affected as they already set the protocol since
> 9c9c9ad5fae7 ("ipv6: set skb->protocol on tcp, raw and ip6_append_data
> genereated skbs").
>
> [...]
Here is the summary with links:
- [net,v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
https://git.kernel.org/netdev/net/c/c9b3b81716c5
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-03-19 12:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-15 14:35 [PATCH net v2] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels Tobias Brunner
2024-03-15 14:55 ` David Ahern
2024-03-19 9:43 ` Nicolas Dichtel
2024-03-19 12:50 ` patchwork-bot+netdevbpf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.