Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp2409188lqp; Sun, 24 Mar 2024 18:23:21 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCX88f7eZl6hnM3OoWr818xnBm6szr4icOsKEoe2ZAieJlfwXS9LwRjKKK8nXO/9UBsZcNEiAJLs3WTlWExSoBoYHPiAoPQUJszu3RLqJQ== X-Google-Smtp-Source: AGHT+IGAhb4ieXdDD1rq3xGe5lmqH9mmJsNCHMWIzuk5GG5sOsvS91J2sg4Nq57rqgFxlRLY+ZKT X-Received: by 2002:a17:90b:2292:b0:2a0:3b32:77f6 with SMTP id kx18-20020a17090b229200b002a03b3277f6mr3635160pjb.29.1711329800842; Sun, 24 Mar 2024 18:23:20 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711329800; cv=pass; d=google.com; s=arc-20160816; b=Jn7TW2bW+jFz9IPstR1EuAy8EIbiwnP+3hwGEw2oU4Kjf4v47R6HYMoFfgQM0pNCe0 Pq5SycLBX07KUkJ8RZo4QICHN2lIe8CUtZJUiB5eO/SHYgpxGmVG+mRcNEEmUlzD4QDn ytFLjpsSEJs0rn+ycnGPcR4O4MuveCpI3OVDZg10oPnVzb5biSuc8PpKiylDgnUOaABd qXM87jCFjzjptepBIhyry9FmdrUlbOm1zwDH+C0uPugHM66ht16x3CWMIFb+E6Pm2yb6 fey+kcLOL7qPx0hjv9LP8/VKcsQo6Jbmjl026txwR4fYT3mhAxC2R6V5vOtGyqVYyIgW 42xA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=QPOVYuDHDzwlzswDWjkutSWKhS/RNz3uJrze25+K2J8=; fh=lzqFpIXo6oVOxgxCtyayFZifTkXrT4N1uaEMzNoXWD8=; b=b2qj3wyWtCdeCA9BiN2cY20J/CqLRz+X1C/9MLLkuqL/chjTKIzRN6LAq2mnnX0Qm3 06w+I+sq+DYpNSbpizO4M606Br2sdBiNXbOOfjMc9JnsyRuzcp7LxS7gERaO5d1jLt0J Qxnzp58BzkZtLN+M9DmzkUGupzSVCONdJrTVbQcfo/Izp4XW8yRFzBdOIqEerBAn/311 QXAvEa5TI8VOZLFSAAX8ueXD6a06xz2PJ/l5us5tWNTHPJsIKE+YeIdj5ltzqamOOwQb Qwm0DP9T+83a8Dpz2vsvHT2P7X0PwqZtTnJhII+IkwwULySQnnVuu5mkNC/bLIB9zEFp BkGA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NaShrrsD; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-113576-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-113576-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id d16-20020a17090ac25000b0029a1aaefe30si6546325pjx.188.2024.03.24.18.23.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Mar 2024 18:23:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-113576-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NaShrrsD; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-113576-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-113576-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 55538B23C6B for ; Mon, 25 Mar 2024 01:07:27 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A59ED13E8BC; Sun, 24 Mar 2024 22:46:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="NaShrrsD" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C012D1C8FC8; Sun, 24 Mar 2024 22:46:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711320379; cv=none; b=hOvjuOw44hAgwb9BeCIHSq+RakY7kwftEOKEPIR9AdiuNr8jEicPMWIBWi3Tf2lhTBcVoNp3BNV/skTaKjTyc5cEpi9a1DGAV3amqYNW3ezSt+AmgvVFATtWnomXTem0Ci5mhm/4JkHrB4Fs6CvsvUEn9lLLYyJu0a7VMC5enTI= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711320379; c=relaxed/simple; bh=nuvNN4ZvtBd/GUiziz/K8W0DyuJfnso9yH/WmpRvifE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bDyfXCcebSzVcjqbLBjwjGeRY8V72chbLgiSzTCSuTb0E9BXwDCdlUCj+tzNkOLM1LpYbq1ItK1SAeZoKmsJSW95BkZwbQU8TiqPCNVk0QSYZvxmlIa7zVnZ1gjIK4usLn6mfnH+GIgEO0ybE2GJd+xRXQuhgfXOYcb0FMBrABQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=NaShrrsD; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id A226DC433C7; Sun, 24 Mar 2024 22:46:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711320379; bh=nuvNN4ZvtBd/GUiziz/K8W0DyuJfnso9yH/WmpRvifE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=NaShrrsDlzh6FdAFyyxFRMGgn8PsHQW281zoxwUSjAtCzzyd2JL14u95MLu0AkBqq UmpIfqalY8zTE4qbKWTVb1nTj3MS2P3znEO5kijAWhhIA/aTtnzeL5zcOE2BioOP+P H8Rrc7DQakDsvwQMs3VBHAGCrUPlLbeP4w+3w/kjlv/Dwkc6C4sIsxCKBsE4woz2sM LxNxwDSRD2E5Iy+RQjyp4nJrTi/vPL+jsE2QW7NC1pOFWPz6Z5l1M4QDQImqxwfWOu cCXvLwxaLBiMyctWq+4YOBTzS4SCBUC6MVa1i3xMm8NJk9sdArDA3EXcQbXZbaUkGr +ACr7KSzeWBwA== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Tobias Brunner , David Ahern , Nicolas Dichtel , Paolo Abeni , Sasha Levin Subject: [PATCH 6.8 685/715] ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels Date: Sun, 24 Mar 2024 18:34:24 -0400 Message-ID: <20240324223455.1342824-686-sashal@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240324223455.1342824-1-sashal@kernel.org> References: <20240324223455.1342824-1-sashal@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit From: Tobias Brunner [ Upstream commit c9b3b81716c5b92132a6c1d4ac3c48a7b44082ab ] Since the referenced commit, the xfrm_inner_extract_output() function uses the protocol field to determine the address family. So not setting it for IPv4 raw sockets meant that such packets couldn't be tunneled via IPsec anymore. IPv6 raw sockets are not affected as they already set the protocol since 9c9c9ad5fae7 ("ipv6: set skb->protocol on tcp, raw and ip6_append_data genereated skbs"). Fixes: f4796398f21b ("xfrm: Remove inner/outer modes from output path") Signed-off-by: Tobias Brunner Reviewed-by: David Ahern Reviewed-by: Nicolas Dichtel Link: https://lore.kernel.org/r/c5d9a947-eb19-4164-ac99-468ea814ce20@strongswan.org Signed-off-by: Paolo Abeni Signed-off-by: Sasha Levin --- net/ipv4/raw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c index aea89326c6979..288f1846b3518 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c @@ -350,6 +350,7 @@ static int raw_send_hdrinc(struct sock *sk, struct flowi4 *fl4, goto error; skb_reserve(skb, hlen); + skb->protocol = htons(ETH_P_IP); skb->priority = READ_ONCE(sk->sk_priority); skb->mark = sockc->mark; skb->tstamp = sockc->transmit_time; -- 2.43.0