Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bpf: Correctly use revalidate_data_pull() in do_decrypt()
The IPv6 path in do_decrypt() was already correctly using revalidate_data_pull(). The IPv4 path was node. If not enough headers were pull'ed, the call would fail which resulted in ESP packets not being detected correctly and thus not decrypted due to lacking the packet mark. This seems to be a regression introduced with the refactoring commit 9ed106a. Fixes: 9ed106a ("cilium: create lib for encryption") Suggested-by: John Fastabend <john.fastabend@gmail.com> Signed-off-by: Thomas Graf <thomas@cilium.io>
- Loading branch information