| From afcaf61be9d1dbdee5ec186d1dcc67b6b692180f Mon Sep 17 00:00:00 2001 |
| From: Xin Long <lucien.xin@gmail.com> |
| Date: Fri, 10 Apr 2020 17:06:01 +0800 |
| Subject: xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input |
| |
| From: Xin Long <lucien.xin@gmail.com> |
| |
| commit afcaf61be9d1dbdee5ec186d1dcc67b6b692180f upstream. |
| |
| For beet mode, when it's ipv6 inner address with nexthdrs set, |
| the packet format might be: |
| |
| ---------------------------------------------------- |
| | outer  |     | dest |     |      |  ESP    | ESP | |
| | IP hdr | ESP | opts.| TCP | Data | Trailer | ICV | |
| ---------------------------------------------------- |
| |
| The nexthdr from ESP could be NEXTHDR_HOP(0), so it should |
| continue processing the packet when nexthdr returns 0 in |
| xfrm_input(). Otherwise, when ipv6 nexthdr is set, the |
| packet will be dropped. |
| |
| I don't see any error cases that nexthdr may return 0. So |
| fix it by removing the check for nexthdr == 0. |
| |
| Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") |
| Signed-off-by: Xin Long <lucien.xin@gmail.com> |
| Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| net/xfrm/xfrm_input.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/net/xfrm/xfrm_input.c |
| +++ b/net/xfrm/xfrm_input.c |
| @@ -402,7 +402,7 @@ resume: |
| dev_put(skb->dev); |
| |
| spin_lock(&x->lock); |
| - if (nexthdr <= 0) { |
| + if (nexthdr < 0) { |
| if (nexthdr == -EBADMSG) { |
| xfrm_audit_state_icvfail(x, skb, |
| x->type->proto); |
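
Review bot: The relaxed check `if (nexthdr < 0)` makes 0 an ordinary next-header value, and nothing at the call site records that contract. The commit message says only that no error case returning 0 was seen. Add a short comment above the check stating that 0 is NEXTHDR_HOP and is valid for beet mode with IPv6 extension headers, and that the input handlers must report failure only through negative values. A handler that returned 0 to mean "nothing to process" would now continue past this block instead of being dropped. Since the Fixes tag points at the initial 2.6.12-rc2 import, it is also worth confirming in the changelog that each backport target's handlers follow the same negative-only convention.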