xfrm: Decode sessions with output interface.

The output interface matching does not work on forward policy lookups, the output interface of the flowi is always 0. Fix this by setting the output interface when we decode the session. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
author: Steffen Klassert <steffen.klassert@secunet.com> 2013-09-09 10:38:38 +0200
committer: Steffen Klassert <steffen.klassert@secunet.com> 2013-09-16 09:39:43 +0200
commit: bafd4bd4dcfa13145db7f951251eef3e10f8c278 (patch)
tree: ea58f7ef1aa6fc37c97013492484af3afe24a799
parent: 4479ff76c43607b680f9349128d8493228b49dce (diff)
2 files changed, 2 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 9a459be24af..ccde54248c8 100644
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -107,6 +107,7 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
 
 	memset(fl4, 0, sizeof(struct flowi4));
 	fl4->flowi4_mark = skb->mark;
+	fl4->flowi4_oif = skb_dst(skb)->dev->ifindex;
 
 	if (!ip_is_fragment(iph)) {
 		switch (iph->protocol) {
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 23ed03d786c..08ed2772b7a 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -138,6 +138,7 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse)
 
 	memset(fl6, 0, sizeof(struct flowi6));
 	fl6->flowi6_mark = skb->mark;
+	fl6->flowi6_oif = skb_dst(skb)->dev->ifindex;
 
 	fl6->daddr = reverse ? hdr->saddr : hdr->daddr;
 	fl6->saddr = reverse ? hdr->daddr : hdr->saddr;
author	Steffen Klassert <steffen.klassert@secunet.com>	2013-09-09 10:38:38 +0200
committer	Steffen Klassert <steffen.klassert@secunet.com>	2013-09-16 09:39:43 +0200
commit	bafd4bd4dcfa13145db7f951251eef3e10f8c278 (patch)
tree	ea58f7ef1aa6fc37c97013492484af3afe24a799
parent	4479ff76c43607b680f9349128d8493228b49dce (diff)