4221f40513
Using inner-id for tunnel id is not safe in some rare cases.
E.g. packets coming from multiple sources entering same tunnel
can have same id. Therefore on tunnel packet receive we
could have packets from two different stream but with same
source and dst IP with same ip-id which could confuse ip packet
reassembly.
Following patch reverts optimization from commit
490ab08127 (IP_GRE: Fix IP-Identification.)
CC: Jarno Rajahalme <jrajahalme@nicira.com>
CC: Ansis Atteka <aatteka@nicira.com>
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
121 lines
3 KiB
C
121 lines
3 KiB
C
/*
|
|
* Copyright (c) 2013 Nicira, Inc.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of version 2 of the GNU General Public
|
|
* License as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
* 02110-1301, USA
|
|
*/
|
|
|
|
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
|
|
|
#include <linux/types.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/skbuff.h>
|
|
#include <linux/netdevice.h>
|
|
#include <linux/in.h>
|
|
#include <linux/if_arp.h>
|
|
#include <linux/mroute.h>
|
|
#include <linux/init.h>
|
|
#include <linux/in6.h>
|
|
#include <linux/inetdevice.h>
|
|
#include <linux/netfilter_ipv4.h>
|
|
#include <linux/etherdevice.h>
|
|
#include <linux/if_ether.h>
|
|
#include <linux/if_vlan.h>
|
|
|
|
#include <net/ip.h>
|
|
#include <net/icmp.h>
|
|
#include <net/protocol.h>
|
|
#include <net/ip_tunnels.h>
|
|
#include <net/arp.h>
|
|
#include <net/checksum.h>
|
|
#include <net/dsfield.h>
|
|
#include <net/inet_ecn.h>
|
|
#include <net/xfrm.h>
|
|
#include <net/net_namespace.h>
|
|
#include <net/netns/generic.h>
|
|
#include <net/rtnetlink.h>
|
|
|
|
int iptunnel_xmit(struct net *net, struct rtable *rt,
|
|
struct sk_buff *skb,
|
|
__be32 src, __be32 dst, __u8 proto,
|
|
__u8 tos, __u8 ttl, __be16 df)
|
|
{
|
|
int pkt_len = skb->len;
|
|
struct iphdr *iph;
|
|
int err;
|
|
|
|
nf_reset(skb);
|
|
secpath_reset(skb);
|
|
skb->rxhash = 0;
|
|
skb_dst_drop(skb);
|
|
skb_dst_set(skb, &rt->dst);
|
|
memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
|
|
|
|
/* Push down and install the IP header. */
|
|
__skb_push(skb, sizeof(struct iphdr));
|
|
skb_reset_network_header(skb);
|
|
|
|
iph = ip_hdr(skb);
|
|
|
|
iph->version = 4;
|
|
iph->ihl = sizeof(struct iphdr) >> 2;
|
|
iph->frag_off = df;
|
|
iph->protocol = proto;
|
|
iph->tos = tos;
|
|
iph->daddr = dst;
|
|
iph->saddr = src;
|
|
iph->ttl = ttl;
|
|
__ip_select_ident(iph, &rt->dst, (skb_shinfo(skb)->gso_segs ?: 1) - 1);
|
|
|
|
err = ip_local_out(skb);
|
|
if (unlikely(net_xmit_eval(err)))
|
|
pkt_len = 0;
|
|
return pkt_len;
|
|
}
|
|
EXPORT_SYMBOL_GPL(iptunnel_xmit);
|
|
|
|
int iptunnel_pull_header(struct sk_buff *skb, int hdr_len, __be16 inner_proto)
|
|
{
|
|
if (unlikely(!pskb_may_pull(skb, hdr_len)))
|
|
return -ENOMEM;
|
|
|
|
skb_pull_rcsum(skb, hdr_len);
|
|
|
|
if (inner_proto == htons(ETH_P_TEB)) {
|
|
struct ethhdr *eh = (struct ethhdr *)skb->data;
|
|
|
|
if (unlikely(!pskb_may_pull(skb, ETH_HLEN)))
|
|
return -ENOMEM;
|
|
|
|
if (likely(ntohs(eh->h_proto) >= ETH_P_802_3_MIN))
|
|
skb->protocol = eh->h_proto;
|
|
else
|
|
skb->protocol = htons(ETH_P_802_2);
|
|
|
|
} else {
|
|
skb->protocol = inner_proto;
|
|
}
|
|
|
|
nf_reset(skb);
|
|
secpath_reset(skb);
|
|
if (!skb->l4_rxhash)
|
|
skb->rxhash = 0;
|
|
skb_dst_drop(skb);
|
|
skb->vlan_tci = 0;
|
|
skb_set_queue_mapping(skb, 0);
|
|
skb->pkt_type = PACKET_HOST;
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(iptunnel_pull_header);
|