I propose backporting commit e2612cd496e7 ("xfrm: Make set-mark default behavior backward compatible") to 4.19 and 4.20 kernels to fix a backwards compatibility bug introduced in 9b42c1f179a6 ("xfrm: Extend the output_mark to support input direction and masking").
The fix is small, relatively simple, and has unit tests. :) Without this change, systems using mark-based routing on 4.19 or 4.20 kernels will fail to route IPsec tunnel mode packets correctly in the default case. This specifically affects Android devices. Thanks.