xfrm: set ipv4 no_pmtu_disc flag only on output sa when direction is set

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The XFRM_STATE_NOPMTUDISC flag is only meaningful for output SAs, but
it was being applied regardless of the SA direction when the sysctl
ip_no_pmtu_disc is enabled. This can unintentionally affect input SAs.

Limit setting XFRM_STATE_NOPMTUDISC to output SAs when the SA direction
is configured.

Closes: https://github.com/strongswan/strongswan/issues/2946
Fixes: a4a87fa4e96c ("xfrm: Add Direction to the SA in or out")
Signed-off-by: Antony Antony <antony.antony@secunet.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

authored by

Antony Antony and committed by

Steffen Klassert 3 months ago c196def0 3d5221af

1 changed file

expand all

net

xfrm

xfrm_state.c

net/xfrm/xfrm_state.c

··· 3151 3151 int err; 3152 3152 3153 3153 if (family == AF_INET && 3154 + (!x->dir || x->dir == XFRM_SA_DIR_OUT) && 3154 3155 READ_ONCE(xs_net(x)->ipv4.sysctl_ip_no_pmtu_disc)) 3155 3156 x->props.flags |= XFRM_STATE_NOPMTUDISC; 3156 3157