diff options
| author | Eyal Birger <eyal.birger@gmail.com> | 2024-09-03 02:07:10 +0200 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2024-09-23 07:02:07 +0200 |
| commit | b8469721034300bbb6dec5b4bf32492c95e16a0c (patch) | |
| tree | 7caeadc1ab947975aa9c259649d6dc389ea8db51 /net/ipv6 | |
| parent | xfrm: extract dst lookup parameters into a struct (diff) | |
| download | linux-b8469721034300bbb6dec5b4bf32492c95e16a0c.tar.xz linux-b8469721034300bbb6dec5b4bf32492c95e16a0c.zip | |
xfrm: respect ip protocols rules criteria when performing dst lookups
The series in the "fixes" tag added the ability to consider L4 attributes
in routing rules.
The dst lookup on the outer packet of encapsulated traffic in the xfrm
code was not adapted to this change, thus routing behavior that relies
on L4 information is not respected.
Pass the ip protocol information when performing dst lookups.
Fixes: a25724b05af0 ("Merge branch 'fib_rules-support-sport-dport-and-proto-match'")
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Tested-by: Antony Antony <antony.antony@secunet.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/xfrm6_policy.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index fc3f5eec6898..1f19b6f14484 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c @@ -37,6 +37,9 @@ static struct dst_entry *xfrm6_dst_lookup(const struct xfrm_dst_lookup_params *p if (params->saddr) memcpy(&fl6.saddr, params->saddr, sizeof(fl6.saddr)); + fl6.flowi4_proto = params->ipproto; + fl6.uli = params->uli; + dst = ip6_route_output(params->net, NULL, &fl6); err = dst->error; |