xfrm: enable to set non-wildcard mark 0 on SAs and SPs

ip xfrm considers that the user-defined mark is "any" as soon as
(mark.v & mark.m == 0), which prevents from specifying non-wildcard
marks that include the value 0 (typically 0/0xffffffff).

Yet, matching exactly mark 0 is useful for instance to separate
vti policies from global policies.

Always configure the user mark if mark.m != 0.

Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>

diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c
index 36e33c982efdbfd4f93abb7263509af4a422d549..a8d8b98bafd93b9fad476d17ac341fbf6ba45b77 100644 (file)
--- a/ip/xfrm_policy.c
+++ b/ip/xfrm_policy.c
@@ -373,7 +373,7 @@ static int xfrm_policy_modify(int cmd, unsigned flags, int argc, char **argv)
                          (void *)tmpls_buf, tmpls_len);
        }
 
-       if (mark.m & mark.v) {
+       if (mark.m) {
                int r = addattr_l(&req.n, sizeof(req.buf), XFRMA_MARK,
                                  (void *)&mark, sizeof(mark));
                if (r < 0) {

diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index f4ad4cb15108cf71d4970342676e7f69416ba388..c4d2bf6768021c1d76a16c92ab5b67cd55381dc1 100644 (file)
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -528,7 +528,7 @@ static int xfrm_state_modify(int cmd, unsigned flags, int argc, char **argv)
                exit(1);
        }
 
-       if (mark.m & mark.v) {
+       if (mark.m) {
                int r = addattr_l(&req.n, sizeof(req.buf), XFRMA_MARK,
                                  (void *)&mark, sizeof(mark));
                if (r < 0) {