tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge tag 'ipsec-2026-01-14' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec

Steffen Klassert says:

====================
pull request (net): ipsec 2026-01-14

1) Fix inner mode lookup in tunnel mode GSO segmentation.
The protocol was taken from the wrong field.

2) Set ipv4 no_pmtu_disc flag only on output SAs. The
insertation of input SAs can fail if no_pmtu_disc
is set.

Please pull or let me know if there are problems.

ipsec-2026-01-14

* tag 'ipsec-2026-01-14' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec:
xfrm: set ipv4 no_pmtu_disc flag only on output sa when direction is set
xfrm: Fix inner mode lookup in tunnel mode GSO segmentation
====================

Link: https://patch.msgid.link/20260114121817.1106134-1-steffen.klassert@secunet.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Paolo Abeni 5ce234a8 4156c374

+5 -4
+2 -2
net/ipv4/esp4_offload.c
··· 122 122 struct sk_buff *skb, 123 123 netdev_features_t features) 124 124 { 125 - const struct xfrm_mode *inner_mode = xfrm_ip2inner_mode(x, 126 - XFRM_MODE_SKB_CB(skb)->protocol); 125 + struct xfrm_offload *xo = xfrm_offload(skb); 126 + const struct xfrm_mode *inner_mode = xfrm_ip2inner_mode(x, xo->proto); 127 127 __be16 type = inner_mode->family == AF_INET6 ? htons(ETH_P_IPV6) 128 128 : htons(ETH_P_IP); 129 129
+2 -2
net/ipv6/esp6_offload.c
··· 158 158 struct sk_buff *skb, 159 159 netdev_features_t features) 160 160 { 161 - const struct xfrm_mode *inner_mode = xfrm_ip2inner_mode(x, 162 - XFRM_MODE_SKB_CB(skb)->protocol); 161 + struct xfrm_offload *xo = xfrm_offload(skb); 162 + const struct xfrm_mode *inner_mode = xfrm_ip2inner_mode(x, xo->proto); 163 163 __be16 type = inner_mode->family == AF_INET ? htons(ETH_P_IP) 164 164 : htons(ETH_P_IPV6); 165 165
+1
net/xfrm/xfrm_state.c
··· 3151 3151 int err; 3152 3152 3153 3153 if (family == AF_INET && 3154 + (!x->dir || x->dir == XFRM_SA_DIR_OUT) && 3154 3155 READ_ONCE(xs_net(x)->ipv4.sysctl_ip_no_pmtu_disc)) 3155 3156 x->props.flags |= XFRM_STATE_NOPMTUDISC; 3156 3157