1 files changed, 11 insertions, 3 deletions
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index e805e7b3030e..6e87f853d033 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -125,8 +125,17 @@ static int vti_rcv(struct sk_buff *skb)
                                  iph->saddr, iph->daddr, 0);
        if (tunnel != NULL) {
                struct pcpu_tstats *tstats;
+                u32 oldmark = skb->mark;
+                int ret;
-                if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
+                /* temporarily mark the skb with the tunnel o_key, to
+                 * only match policies with this mark.
+                 */
+                skb->mark = be32_to_cpu(tunnel->parms.o_key);
+                ret = xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb);
+                skb->mark = oldmark;
+                if (!ret)
                        return -1;
                tstats = this_cpu_ptr(tunnel->dev->tstats);
@@ -135,7 +144,6 @@ static int vti_rcv(struct sk_buff *skb)
                tstats->rx_bytes += skb->len;
                u64_stats_update_end(&tstats->syncp);
-                skb->mark = 0;
                secpath_reset(skb);
                skb->dev = tunnel->dev;
                return 1;
@@ -167,7 +175,7 @@ static netdev_tx_t vti_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
        memset(&fl4, 0, sizeof(fl4));
        flowi4_init_output(&fl4, tunnel->parms.link,
-                           be32_to_cpu(tunnel->parms.i_key), RT_TOS(tos),
+                           be32_to_cpu(tunnel->parms.o_key), RT_TOS(tos),
                           RT_SCOPE_UNIVERSE,
                           IPPROTO_IPIP, 0,
                           dst, tiph->saddr, 0, 0);

diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c index e805e7b3030e..6e87f853d033 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c
@@ -125,8 +125,17 @@ static int vti_rcv(struct sk_buff *skb)
125	iph->saddr, iph->daddr, 0);	125	iph->saddr, iph->daddr, 0);
126	if (tunnel != NULL) {	126	if (tunnel != NULL) {
127	struct pcpu_tstats *tstats;	127	struct pcpu_tstats *tstats;
		128	u32 oldmark = skb->mark;
		129	int ret;
128		130
129	if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))	131
		132	/* temporarily mark the skb with the tunnel o_key, to
		133	* only match policies with this mark.
		134	*/
		135	skb->mark = be32_to_cpu(tunnel->parms.o_key);
		136	ret = xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb);
		137	skb->mark = oldmark;
		138	if (!ret)
130	return -1;	139	return -1;
131		140
132	tstats = this_cpu_ptr(tunnel->dev->tstats);	141	tstats = this_cpu_ptr(tunnel->dev->tstats);
@@ -135,7 +144,6 @@ static int vti_rcv(struct sk_buff *skb)
135	tstats->rx_bytes += skb->len;	144	tstats->rx_bytes += skb->len;
136	u64_stats_update_end(&tstats->syncp);	145	u64_stats_update_end(&tstats->syncp);
137		146
138	skb->mark = 0;
139	secpath_reset(skb);	147	secpath_reset(skb);
140	skb->dev = tunnel->dev;	148	skb->dev = tunnel->dev;
141	return 1;	149	return 1;
@@ -167,7 +175,7 @@ static netdev_tx_t vti_tunnel_xmit(struct sk_buff skb, struct net_device dev)
167		175
168	memset(&fl4, 0, sizeof(fl4));	176	memset(&fl4, 0, sizeof(fl4));
169	flowi4_init_output(&fl4, tunnel->parms.link,	177	flowi4_init_output(&fl4, tunnel->parms.link,
170	be32_to_cpu(tunnel->parms.i_key), RT_TOS(tos),	178	be32_to_cpu(tunnel->parms.o_key), RT_TOS(tos),
171	RT_SCOPE_UNIVERSE,	179	RT_SCOPE_UNIVERSE,
172	IPPROTO_IPIP, 0,	180	IPPROTO_IPIP, 0,
173	dst, tiph->saddr, 0, 0);	181	dst, tiph->saddr, 0, 0);