Commit 7b3b209e authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'net-convert-ipv6_stub-to-ip6_dst_lookup_flow' 



Sabrina Dubroca says:

====================
net: convert ipv6_stub to ip6_dst_lookup_flow

Xiumei Mu reported a bug in a VXLAN over IPsec setup:

  IPv6 | ESP | VXLAN

Using this setup, packets go out unencrypted, because VXLAN over IPv6
gets its route from ipv6_stub->ipv6_dst_lookup (in vxlan6_get_route),
which doesn't perform an XFRM lookup.

This patchset first makes ip6_dst_lookup_flow suitable for some
existing users of ipv6_stub->ipv6_dst_lookup by adding a 'net'
argument, then converts all those users.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 8ffb055b 6c8991f4

drivers/infiniband/core/addr.c

+3 −4
Original line number Diff line number Diff line
@@ -421,16 +421,15 @@ static int addr6_resolve(struct sockaddr *src_sock, 
				(const struct sockaddr_in6 *)dst_sock;

	struct flowi6 fl6;

	struct dst_entry *dst;

	int ret;



	memset(&fl6, 0, sizeof fl6);

	fl6.daddr = dst_in->sin6_addr;

	fl6.saddr = src_in->sin6_addr;

	fl6.flowi6_oif = addr->bound_dev_if;



	ret = ipv6_stub->ipv6_dst_lookup(addr->net, NULL, &dst, &fl6);

	if (ret < 0)

		return ret;

	dst = ipv6_stub->ipv6_dst_lookup_flow(addr->net, NULL, &fl6, NULL);

	if (IS_ERR(dst))

		return PTR_ERR(dst);



	if (ipv6_addr_any(&src_in->sin6_addr))

		src_in->sin6_addr = fl6.saddr;

drivers/infiniband/sw/rxe/rxe_net.c

+5 −3
Original line number Diff line number Diff line
@@ -117,10 +117,12 @@ static struct dst_entry *rxe_find_route6(struct net_device *ndev, 
	memcpy(&fl6.daddr, daddr, sizeof(*daddr));

	fl6.flowi6_proto = IPPROTO_UDP;



	if (unlikely(ipv6_stub->ipv6_dst_lookup(sock_net(recv_sockets.sk6->sk),

						recv_sockets.sk6->sk, &ndst, &fl6))) {

	ndst = ipv6_stub->ipv6_dst_lookup_flow(sock_net(recv_sockets.sk6->sk),

					       recv_sockets.sk6->sk, &fl6,

					       NULL);

	if (unlikely(IS_ERR(ndst))) {

		pr_err_ratelimited("no route to %pI6\n", daddr);

		goto put;

		return NULL;

	}



	if (unlikely(ndst->error)) {

drivers/net/ethernet/mellanox/mlx5/core/en/tc_tun.c

+4 −4
Original line number Diff line number Diff line
@@ -297,10 +297,10 @@ static int mlx5e_route_lookup_ipv6(struct mlx5e_priv *priv, 


	int ret;



	ret = ipv6_stub->ipv6_dst_lookup(dev_net(mirred_dev), NULL, &dst,

					 fl6);

	if (ret < 0)

		return ret;

	dst = ipv6_stub->ipv6_dst_lookup_flow(dev_net(mirred_dev), NULL, fl6,

					      NULL);

	if (IS_ERR(dst))

		return PTR_ERR(dst);



	if (!(*out_ttl))

		*out_ttl = ip6_dst_hoplimit(dst);

drivers/net/geneve.c

+3 −1
Original line number Diff line number Diff line
@@ -853,7 +853,9 @@ static struct dst_entry *geneve_get_v6_dst(struct sk_buff *skb, 
		if (dst)

			return dst;

	}

	if (ipv6_stub->ipv6_dst_lookup(geneve->net, gs6->sock->sk, &dst, fl6)) {

	dst = ipv6_stub->ipv6_dst_lookup_flow(geneve->net, gs6->sock->sk, fl6,

					      NULL);

	if (IS_ERR(dst)) {

		netdev_dbg(dev, "no route to %pI6\n", &fl6->daddr);

		return ERR_PTR(-ENETUNREACH);

	}

drivers/net/vxlan.c

+3 −5
Original line number Diff line number Diff line
@@ -2275,7 +2275,6 @@ static struct dst_entry *vxlan6_get_route(struct vxlan_dev *vxlan, 
	bool use_cache = ip_tunnel_dst_cache_usable(skb, info);

	struct dst_entry *ndst;

	struct flowi6 fl6;

	int err;



	if (!sock6)

		return ERR_PTR(-EIO);
@@ -2298,10 +2297,9 @@ static struct dst_entry *vxlan6_get_route(struct vxlan_dev *vxlan, 
	fl6.fl6_dport = dport;

	fl6.fl6_sport = sport;



	err = ipv6_stub->ipv6_dst_lookup(vxlan->net,

					 sock6->sock->sk,

					 &ndst, &fl6);

	if (unlikely(err < 0)) {

	ndst = ipv6_stub->ipv6_dst_lookup_flow(vxlan->net, sock6->sock->sk,

					       &fl6, NULL);

	if (unlikely(IS_ERR(ndst))) {

		netdev_dbg(dev, "no route to %pI6\n", daddr);

		return ERR_PTR(-ENETUNREACH);

	}

CRA Git | Maintained and supported by SUSTech CRA and CCSE