From: David S. Miller <davem@davemloft.net>
Date: Fri, 19 Dec 2008 03:23:56 +0000 (-0800)
Subject: Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"
X-Git-Tag: firefly_0821_release~16481^2~121
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=3de77cf23e9a19b9fc28e3b29371308325428c39;p=firefly-linux-kernel-4.4.55.git

Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"

This reverts commit e061b165c7f4ec5e2e160d990b49011b5b6e5c6a.

Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 65bcf09251ef..b4a13178fb40 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -167,6 +167,11 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
 			goto drop_unlock;
 		}
 
+		if ((x->encap ? x->encap->encap_type : 0) != encap_type) {
+			XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
+			goto drop_unlock;
+		}
+
 		if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) {
 			XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
 			goto drop_unlock;