[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 08 Sep 2016 17:17:57 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: thomas.zeitlhofer+lkml@...it.at
Cc: steffen.klassert@...unet.com, herbert@...dor.apana.org.au,
netdev@...r.kernel.org
Subject: Re: [PATCH v2] vti: use right inner_mode for inbound inter address
family policy checks
From: thomas.zeitlhofer+lkml@...it.at
Date: Wed, 7 Sep 2016 20:40:38 +0200
> In case of inter address family tunneling (IPv6 over vti4 or IPv4 over
> vti6), the inbound policy checks in vti_rcv_cb() and vti6_rcv_cb() are
> using the wrong address family. As a result, all inbound inter address
> family traffic is dropped.
>
> Use the xfrm_ip2inner_mode() helper, as done in xfrm_input() (i.e., also
> increment LINUX_MIB_XFRMINSTATEMODEERROR in case of error), to select the
> inner_mode that contains the right address family for the inbound policy
> checks.
>
> Signed-off-by: Thomas Zeitlhofer <thomas.zeitlhofer+lkml@...it.at>
Steffen please review this new version of the patch.
Thanks.
Powered by blists - more mailing lists