]> git.karo-electronics.de Git - karo-tx-linux.git/blobdiff - net/xfrm/xfrm_input.c
projects / karo-tx-linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"
[karo-tx-linux.git] / net / xfrm / xfrm_input.c
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 65bcf09251ef1f368053ebfb9e24ab81541ef680..b4a13178fb40176e41d90ff171e971ac7d6f8935 100644 (file)
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -167,6 +167,11 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
                        goto drop_unlock;
                }
 
+               if ((x->encap ? x->encap->encap_type : 0) != encap_type) {
+                       XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
+                       goto drop_unlock;
+               }
+
                if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) {
                        XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
                        goto drop_unlock;
Linux kernel for KaRo TX COM modules