diff options
| author | Martin KaFai Lau <kafai@fb.com> | 2016-11-09 15:36:33 -0800 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2016-11-12 23:38:07 -0500 |
| commit | 4e3264d21b90984c2165e8fe5a7b64cf25bc2c2d (patch) | |
| tree | f6aee654871f3a3f3c471b811d66522e200454b1 /block | |
| parent | 23dd8315485acae0acf4452509e2be9fc587d72c (diff) | |
| download | linux-4e3264d21b90984c2165e8fe5a7b64cf25bc2c2d.tar.bz2 | |
bpf: Fix bpf_redirect to an ipip/ip6tnl dev
If the bpf program calls bpf_redirect(dev, 0) and dev is
an ipip/ip6tnl, it currently includes the mac header.
e.g. If dev is ipip, the end result is IP-EthHdr-IP instead
of IP-IP.
The fix is to pull the mac header. At ingress, skb_postpull_rcsum()
is not needed because the ethhdr should have been pulled once already
and then got pushed back just before calling the bpf_prog.
At egress, this patch calls skb_postpull_rcsum().
If bpf_redirect(dev, BPF_F_INGRESS) is called,
it also fails now because it calls dev_forward_skb() which
eventually calls eth_type_trans(skb, dev). The eth_type_trans()
will set skb->type = PACKET_OTHERHOST because the mac address
does not match the redirecting dev->dev_addr. The PACKET_OTHERHOST
will eventually cause the ip_rcv() errors out. To fix this,
____dev_forward_skb() is added.
Joint work with Daniel Borkmann.
Fixes: cfc7381b3002 ("ip_tunnel: add collect_md mode to IPIP tunnel")
Fixes: 8d79266bc48c ("ip6_tunnel: add collect_md mode to IPv6 tunnels")
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@fb.com>
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'block')
0 files changed, 0 insertions, 0 deletions