Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

drivers/net/ethernet/microchip/sparx5/sparx5_switchdev.c 9c5de246c1db ("net: sparx5: mdb add/del handle non-sparx5 devices") fbb89d02e33a ("net: sparx5: Allow mdb entries to both CPU and ports") Signed-off-by: Jakub Kicinski <kuba@kernel.org>
author: Jakub Kicinski <kuba@kernel.org> 2022-06-30 16:31:00 -0700
committer: Jakub Kicinski <kuba@kernel.org> 2022-06-30 16:31:00 -0700
commit: 0d8730f07c822a351a624462918c7109cdc7f402 (patch)
tree: 3539d4c7c098894f3b2d5f49134c8cfccc06aaca /net/ipv4/tcp_ipv4.c
parent: b7d78b46d5e8dc77c656c13885d31e931923b915 (diff)
parent: 5e8379351dbde61ea383e514f0f9ecb2c047cf4e (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index fda811a5251f..68d0d8a008e2 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1964,7 +1964,10 @@ process:
 		struct sock *nsk;
 
 		sk = req->rsk_listener;
-		drop_reason = tcp_inbound_md5_hash(sk, skb,
+		if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
+			drop_reason = SKB_DROP_REASON_XFRM_POLICY;
+		else
+			drop_reason = tcp_inbound_md5_hash(sk, skb,
 						   &iph->saddr, &iph->daddr,
 						   AF_INET, dif, sdif);
 		if (unlikely(drop_reason)) {
@@ -2016,6 +2019,7 @@ process:
 			}
 			goto discard_and_relse;
 		}
+		nf_reset_ct(skb);
 		if (nsk == sk) {
 			reqsk_put(req);
 			tcp_v4_restore_cb(skb);
author	Jakub Kicinski <kuba@kernel.org>	2022-06-30 16:31:00 -0700
committer	Jakub Kicinski <kuba@kernel.org>	2022-06-30 16:31:00 -0700
commit	0d8730f07c822a351a624462918c7109cdc7f402 (patch)
tree	3539d4c7c098894f3b2d5f49134c8cfccc06aaca /net/ipv4/tcp_ipv4.c
parent	b7d78b46d5e8dc77c656c13885d31e931923b915 (diff)
parent	5e8379351dbde61ea383e514f0f9ecb2c047cf4e (diff)