diff options
author | Tobias Brunner <tobias@strongswan.org> | 2025-06-24 14:47:20 +0200 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2025-07-02 09:19:56 +0200 |
commit | 3ac9e29211fa2df5539ba0d742c8fe9fe95fdc79 (patch) | |
tree | 1c09b50cdc28a55cf593d218308a9c8a547ed9e2 | |
parent | c0f21029f123d1b15f8eddc8e3976bf0c8781c43 (diff) | |
download | ipsec-3ac9e29211fa2df5539ba0d742c8fe9fe95fdc79.tar.gz |
xfrm: Set transport header to fix UDP GRO handling
The referenced commit replaced a call to __xfrm4|6_udp_encap_rcv() with
a custom check for non-ESP markers. But what the called function also
did was setting the transport header to the ESP header. The function
that follows, esp4|6_gro_receive(), relies on that being set when it calls
xfrm_parse_spi(). We have to set the full offset as the skb's head was
not moved yet so adding just the UDP header length won't work.
Fixes: e3fd05777685 ("xfrm: Fix UDP GRO handling for some corner cases")
Signed-off-by: Tobias Brunner <tobias@strongswan.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
-rw-r--r-- | net/ipv4/xfrm4_input.c | 3 | ||||
-rw-r--r-- | net/ipv6/xfrm6_input.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_input.c b/net/ipv4/xfrm4_input.c index 0d31a8c108d4f6..f28cfd88eaf593 100644 --- a/net/ipv4/xfrm4_input.c +++ b/net/ipv4/xfrm4_input.c @@ -202,6 +202,9 @@ struct sk_buff *xfrm4_gro_udp_encap_rcv(struct sock *sk, struct list_head *head, if (len <= sizeof(struct ip_esp_hdr) || udpdata32[0] == 0) goto out; + /* set the transport header to ESP */ + skb_set_transport_header(skb, offset); + NAPI_GRO_CB(skb)->proto = IPPROTO_UDP; pp = call_gro_receive(ops->callbacks.gro_receive, head, skb); diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c index 841c81abaaf4ff..9005fc156a20e6 100644 --- a/net/ipv6/xfrm6_input.c +++ b/net/ipv6/xfrm6_input.c @@ -202,6 +202,9 @@ struct sk_buff *xfrm6_gro_udp_encap_rcv(struct sock *sk, struct list_head *head, if (len <= sizeof(struct ip_esp_hdr) || udpdata32[0] == 0) goto out; + /* set the transport header to ESP */ + skb_set_transport_header(skb, offset); + NAPI_GRO_CB(skb)->proto = IPPROTO_UDP; pp = call_gro_receive(ops->callbacks.gro_receive, head, skb); |