Home Esplora Aiuto
Accedi
GfA
/
linux_kernel
5
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

net: Fix vti use case with oif in dst lookups

Steffen reported that the recent change to add oif to dst lookups breaks
the VTI use case. The problem is that with the oif set in the flow struct
the comparison to the nh_oif is triggered. Fix by splitting the
FLOWI_FLAG_VRFSRC into 2 flags -- one that triggers the vrf device cache
bypass (FLOWI_FLAG_VRFSRC) and another telling the lookup to not compare
nh oif (FLOWI_FLAG_SKIP_NH_OIF).

Fixes: 42a7b32b73d6 ("xfrm: Add oif to dst lookups")

Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Ahern 10 anni fa
parent
d828755eae
commit
58189ca7b2
6 ha cambiato i file con 9 aggiunte e 4 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 2 1
      drivers/net/vrf.c
  2. 1 0
      include/net/flow.h
  3. 1 1
      include/net/route.h
  4. 1 1
      net/ipv4/fib_trie.c
  5. 2 1
      net/ipv4/udp.c
  6. 2 0
      net/ipv4/xfrm4_policy.c

+ 2 - 1
drivers/net/vrf.c
Vedi File 

@@ -193,7 +193,8 @@ static netdev_tx_t vrf_process_v4_outbound(struct sk_buff *skb,
 
 		.flowi4_oif = vrf_dev->ifindex,
 
 		.flowi4_iif = LOOPBACK_IFINDEX,
 
 		.flowi4_tos = RT_TOS(ip4h->tos),
 
-		.flowi4_flags = FLOWI_FLAG_ANYSRC | FLOWI_FLAG_VRFSRC,
 
+		.flowi4_flags = FLOWI_FLAG_ANYSRC | FLOWI_FLAG_VRFSRC |
 
+				FLOWI_FLAG_SKIP_NH_OIF,
 
 		.daddr = ip4h->daddr,
 
 	};

+ 1 - 0
include/net/flow.h
Vedi File 

@@ -35,6 +35,7 @@ struct flowi_common {
 
 #define FLOWI_FLAG_ANYSRC		0x01
 
 #define FLOWI_FLAG_KNOWN_NH		0x02
 
 #define FLOWI_FLAG_VRFSRC		0x04
 
+#define FLOWI_FLAG_SKIP_NH_OIF		0x08
 
 	__u32	flowic_secid;
 
 	struct flowi_tunnel flowic_tun_key;
 
 };

+ 1 - 1
include/net/route.h
Vedi File 

@@ -255,7 +255,7 @@ static inline void ip_route_connect_init(struct flowi4 *fl4, __be32 dst, __be32
 
 		flow_flags |= FLOWI_FLAG_ANYSRC;
 
 
 	if (netif_index_is_vrf(sock_net(sk), oif))
 
-		flow_flags |= FLOWI_FLAG_VRFSRC;
 
+		flow_flags |= FLOWI_FLAG_VRFSRC | FLOWI_FLAG_SKIP_NH_OIF;
 
 
 	flowi4_init_output(fl4, oif, sk->sk_mark, tos, RT_SCOPE_UNIVERSE,
 
 			   protocol, flow_flags, dst, src, dport, sport);

+ 1 - 1
net/ipv4/fib_trie.c
Vedi File 

@@ -1426,7 +1426,7 @@ found:
 
 			    nh->nh_flags & RTNH_F_LINKDOWN &&
 
 			    !(fib_flags & FIB_LOOKUP_IGNORE_LINKSTATE))
 
 				continue;
 
-			if (!(flp->flowi4_flags & FLOWI_FLAG_VRFSRC)) {
 
+			if (!(flp->flowi4_flags & FLOWI_FLAG_SKIP_NH_OIF)) {
 
 				if (flp->flowi4_oif &&
 
 				    flp->flowi4_oif != nh->nh_oif)
 
 					continue;

+ 2 - 1
net/ipv4/udp.c
Vedi File 

@@ -1024,7 +1024,8 @@ int udp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
 
 		if (netif_index_is_vrf(net, ipc.oif)) {
 
 			flowi4_init_output(fl4, ipc.oif, sk->sk_mark, tos,
 
 					   RT_SCOPE_UNIVERSE, sk->sk_protocol,
 
-					   (flow_flags | FLOWI_FLAG_VRFSRC),
 
+					   (flow_flags | FLOWI_FLAG_VRFSRC |
 
+					    FLOWI_FLAG_SKIP_NH_OIF),
 
 					   faddr, saddr, dport,
 
 					   inet->inet_sport);

+ 2 - 0
net/ipv4/xfrm4_policy.c
Vedi File 

@@ -33,6 +33,8 @@ static struct dst_entry *__xfrm4_dst_lookup(struct net *net, struct flowi4 *fl4,
 
 	if (saddr)
 
 		fl4->saddr = saddr->a4;
 
 
+	fl4->flowi4_flags = FLOWI_FLAG_SKIP_NH_OIF;
 
+
 
 	rt = __ip_route_output_key(net, fl4);
 
 	if (!IS_ERR(rt))
 
 		return &rt->dst;