From: Phil Sutter <p...@nwl.cc> Date: Wed, 15 Jul 2015 21:56:26 +0200
> Newly created flows don't have flowi6_oif set (at least if the > associated socket is not interface-bound). This leads to a mismatch in > __xfrm6_selector_match() for policies which specify an interface in the > selector (sel->ifindex != 0). > > Backtracing shows this happens in code-paths originating from e.g. > ip6_datagram_connect(), rawv6_sendmsg() or tcp_v6_connect(). (UDP was > not tested for.) > > In summary, this patch fixes policy matching on outgoing interface for > locally generated packets. > > Signed-off-by: Phil Sutter <p...@nwl.cc> Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
