ipv4: Restore flowi4_oif update before call to xfrm_lookup_route

[ Upstream commit 874fb9e2ca949b443cc419a4f2227cafd4381d39 ]

Tobias reported regressions in IPsec tests following the patch
referenced by the Fixes tag below. The root cause is dropping the
reset of the flowi4_oif after the fib_lookup. Apparently it is
needed for xfrm cases, so restore the oif update to ip_route_output_flow
right before the call to xfrm_lookup_route.

Fixes: 2fbc6e89b2f1 ("ipv4: Update exception handling for multipath routes via same device")
Reported-by: Tobias Brunner <tobias@strongswan.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 6fcb12e083d99cca99c9e0bb2beb8cee45420276..87854642e0b6ead9c71906dc04970a7f71c7c478 100644 (file)
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2603,10 +2603,12 @@ struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
        if (IS_ERR(rt))
                return rt;
 
-       if (flp4->flowi4_proto)
+       if (flp4->flowi4_proto) {
+               flp4->flowi4_oif = rt->dst.dev->ifindex;
                rt = (struct rtable *)xfrm_lookup_route(net, &rt->dst,
                                                        flowi4_to_flowi(flp4),
                                                        sk, 0);
+       }
 
        return rt;
 }