summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorYossi Kuperman <yossiku@mellanox.com>2018-01-23 00:16:21 +0200
committerSteffen Klassert <steffen.klassert@secunet.com>2018-01-23 10:56:36 +0100
commit5efec5c655dd31944af440ff2b0a93facc4a7762 (patch)
tree577ea2660c599eab1175b2e743ee147623c727b5 /net
parentaa5dd6fa6f5d4bdc82a67e952bba8ad2e98d77e2 (diff)
downloadlinux-stable-5efec5c655dd31944af440ff2b0a93facc4a7762.tar.gz
linux-stable-5efec5c655dd31944af440ff2b0a93facc4a7762.tar.bz2
linux-stable-5efec5c655dd31944af440ff2b0a93facc4a7762.zip
xfrm: Fix eth_hdr(skb)->h_proto to reflect inner IP version
IPSec tunnel mode supports encapsulation of IPv4 over IPv6 and vice-versa. The outer IP header is stripped and the inner IP inherits the original Ethernet header. Tcpdump fails to properly decode the inner packet in case that h_proto is different than the inner IP version. Fix h_proto to reflect the inner IP version. Signed-off-by: Yossi Kuperman <yossiku@mellanox.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/xfrm4_mode_tunnel.c1
-rw-r--r--net/ipv6/xfrm6_mode_tunnel.c1
2 files changed, 2 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c
index e6265e2c274e..20ca486b3cad 100644
--- a/net/ipv4/xfrm4_mode_tunnel.c
+++ b/net/ipv4/xfrm4_mode_tunnel.c
@@ -92,6 +92,7 @@ static int xfrm4_mode_tunnel_input(struct xfrm_state *x, struct sk_buff *skb)
skb_reset_network_header(skb);
skb_mac_header_rebuild(skb);
+ eth_hdr(skb)->h_proto = skb->protocol;
err = 0;
diff --git a/net/ipv6/xfrm6_mode_tunnel.c b/net/ipv6/xfrm6_mode_tunnel.c
index 02556e356f87..dc93002ff9d1 100644
--- a/net/ipv6/xfrm6_mode_tunnel.c
+++ b/net/ipv6/xfrm6_mode_tunnel.c
@@ -92,6 +92,7 @@ static int xfrm6_mode_tunnel_input(struct xfrm_state *x, struct sk_buff *skb)
skb_reset_network_header(skb);
skb_mac_header_rebuild(skb);
+ eth_hdr(skb)->h_proto = skb->protocol;
err = 0;