Patch "xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets" has been added to the 5.15-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 26 Jun 2023 00:34:03 -0400

This is a note to let you know that I've just added the patch titled

    xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     xfrm-fix-inbound-ipv4-udp-esp-packets-to-udpv6-duals.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit f0da4f96b3a9cfffbcf37a3007787c51fdb212c6
Author: Maciej Żenczykowski <maze@xxxxxxxxxx>
Date:   Mon Jun 5 04:06:54 2023 -0700

    xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
    
    [ Upstream commit 1166a530a84758bb9e6b448fc8c195ed413f5ded ]
    
    Before Linux v5.8 an AF_INET6 SOCK_DGRAM (udp/udplite) socket
    with SOL_UDP, UDP_ENCAP, UDP_ENCAP_ESPINUDP{,_NON_IKE} enabled
    would just unconditionally use xfrm4_udp_encap_rcv(), afterwards
    such a socket would use the newly added xfrm6_udp_encap_rcv()
    which only handles IPv6 packets.
    
    Cc: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>
    Cc: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
    Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
    Cc: Benedict Wong <benedictwong@xxxxxxxxxx>
    Cc: Yan Yan <evitayan@xxxxxxxxxx>
    Fixes: 0146dca70b87 ("xfrm: add support for UDPv6 encapsulation of ESP")
    Signed-off-by: Maciej Żenczykowski <maze@xxxxxxxxxx>
    Reviewed-by: Simon Horman <simon.horman@xxxxxxxxxxxx>
    Reviewed-by: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>
    Signed-off-by: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/ipv4/xfrm4_input.c b/net/ipv4/xfrm4_input.c
index ad2afeef4f106..eac206a290d05 100644
--- a/net/ipv4/xfrm4_input.c
+++ b/net/ipv4/xfrm4_input.c
@@ -164,6 +164,7 @@ int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
 	kfree_skb(skb);
 	return 0;
 }
+EXPORT_SYMBOL(xfrm4_udp_encap_rcv);
 
 int xfrm4_rcv(struct sk_buff *skb)
 {
diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c
index 04cbeefd89828..4907ab241d6be 100644
--- a/net/ipv6/xfrm6_input.c
+++ b/net/ipv6/xfrm6_input.c
@@ -86,6 +86,9 @@ int xfrm6_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
 	__be32 *udpdata32;
 	__u16 encap_type = up->encap_type;
 
+	if (skb->protocol == htons(ETH_P_IP))
+		return xfrm4_udp_encap_rcv(sk, skb);
+
 	/* if this is not encapsulated socket, then just return now */
 	if (!encap_type)
 		return 1;






