diff options
| author | Jianbo Liu <jianbol@nvidia.com> | 2025-11-20 05:56:09 +0200 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2025-12-04 09:54:53 +0100 |
| commit | 3d5221af9c7711b7aec8da1298c8fc393ef6183d (patch) | |
| tree | 93be7257ff07c215af2fb0d9709a5f052cb17290 /scripts | |
| parent | 8f7aa3d3c7323f4ca2768a9e74ebbe359c4f8f88 (diff) | |
xfrm: Fix inner mode lookup in tunnel mode GSO segmentation
Commit 61fafbee6cfe ("xfrm: Determine inner GSO type from packet inner
protocol") attempted to fix GSO segmentation by reading the inner
protocol from XFRM_MODE_SKB_CB(skb)->protocol. This was incorrect
because the field holds the inner L4 protocol (TCP/UDP) instead of the
required tunnel protocol. Also, the memory location (shared by
XFRM_SKB_CB(skb) which could be overwritten by xfrm_replay_overflow())
is prone to corruption. This combination caused the kernel to select
the wrong inner mode and get the wrong address family.
The correct value is in xfrm_offload(skb)->proto, which is set from
the outer tunnel header's protocol field by esp[4|6]_gso_encap(). It
is initialized by xfrm[4|6]_tunnel_encap_add() to either IPPROTO_IPIP
or IPPROTO_IPV6, using xfrm_af2proto() and correctly reflects the
inner packet's address family.
Fixes: 61fafbee6cfe ("xfrm: Determine inner GSO type from packet inner protocol")
Signed-off-by: Jianbo Liu <jianbol@nvidia.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions