mbox series

[ipsec-next,0/5] xfrm: support ipv6 nexthdrs process in transport and beet modes

Message ID cover.1585731430.git.lucien.xin@gmail.com
Headers show
Series xfrm: support ipv6 nexthdrs process in transport and beet modes | expand

Message

Xin Long April 1, 2020, 8:59 a.m. UTC 
For esp transport and beet modes, when the inner ipv6 nexthdrs
are set, the 'proto' and 'transport_header' are needed to fix
in some places, so that the packet can be sent and received
properly, and no panicks are caused.

Note that the inner ipv6 nexthdrs problems don't affect tunnel
mode, as in which ESP nexthdr proto is always IP(6).

Xin Long (5):
  xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
  xfrm: do pskb_pull properly in __xfrm_transport_prep
  esp6: get the right proto for transport mode in esp6_gso_encap
  esp6: support ipv6 nexthdrs process for beet gso segment
  esp4: support ipv6 nexthdrs process for beet gso segment

 net/ipv4/esp4_offload.c | 14 ++++++++++----
 net/ipv6/esp6_offload.c | 19 ++++++++++++++++---
 net/xfrm/xfrm_device.c  |  8 +++-----
 net/xfrm/xfrm_input.c   |  2 +-
 4 files changed, 30 insertions(+), 13 deletions(-)

Comments

Steffen Klassert April 1, 2020, 9:34 a.m. UTC | #1 
On Wed, Apr 01, 2020 at 04:59:20PM +0800, Xin Long wrote:
> For esp transport and beet modes, when the inner ipv6 nexthdrs
> are set, the 'proto' and 'transport_header' are needed to fix
> in some places, so that the packet can be sent and received
> properly, and no panicks are caused.

Please separate the fixes and send them for inclusion
into the ipsec tree. Everything else has to wait until
after the merge window. net-next is closed and so is
ipsec-next.

Thanks!