diff options
author | Sabrina Dubroca <sd@queasysnail.net> | 2019-11-25 14:48:59 +0100 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2019-12-09 09:59:07 +0100 |
commit | cac3c71604cf4eada8df00b1e66892636399cda5 (patch) | |
tree | 5b9093d220760185a68e9e10363be41fc1b59bf3 | |
parent | 7b3801927e52f8621de311277f7fc727635019e7 (diff) | |
download | linux-cac3c71604cf4eada8df00b1e66892636399cda5.tar.bz2 |
xfrm: add route lookup to xfrm4_rcv_encap
At this point, with TCP encapsulation, the dst may be gone, but
xfrm_input needs one.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
-rw-r--r-- | net/ipv4/xfrm4_protocol.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_protocol.c b/net/ipv4/xfrm4_protocol.c index 8a4285712808..ea595c8549c7 100644 --- a/net/ipv4/xfrm4_protocol.c +++ b/net/ipv4/xfrm4_protocol.c @@ -72,6 +72,14 @@ int xfrm4_rcv_encap(struct sk_buff *skb, int nexthdr, __be32 spi, if (!head) goto out; + if (!skb_dst(skb)) { + const struct iphdr *iph = ip_hdr(skb); + + if (ip_route_input_noref(skb, iph->daddr, iph->saddr, + iph->tos, skb->dev)) + goto drop; + } + for_each_protocol_rcu(*head, handler) if ((ret = handler->input_handler(skb, nexthdr, spi, encap_type)) != -EINVAL) return ret; @@ -79,6 +87,7 @@ int xfrm4_rcv_encap(struct sk_buff *skb, int nexthdr, __be32 spi, out: icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); +drop: kfree_skb(skb); return 0; } |