• M
    bpf: Fix bpf_redirect to an ipip/ip6tnl dev · 4e3264d2
    Martin KaFai Lau 提交于
    If the bpf program calls bpf_redirect(dev, 0) and dev is
    an ipip/ip6tnl, it currently includes the mac header.
    e.g. If dev is ipip, the end result is IP-EthHdr-IP instead
    of IP-IP.
    
    The fix is to pull the mac header.  At ingress, skb_postpull_rcsum()
    is not needed because the ethhdr should have been pulled once already
    and then got pushed back just before calling the bpf_prog.
    At egress, this patch calls skb_postpull_rcsum().
    
    If bpf_redirect(dev, BPF_F_INGRESS) is called,
    it also fails now because it calls dev_forward_skb() which
    eventually calls eth_type_trans(skb, dev).  The eth_type_trans()
    will set skb->type = PACKET_OTHERHOST because the mac address
    does not match the redirecting dev->dev_addr.  The PACKET_OTHERHOST
    will eventually cause the ip_rcv() errors out.  To fix this,
    ____dev_forward_skb() is added.
    
    Joint work with Daniel Borkmann.
    
    Fixes: cfc7381b ("ip_tunnel: add collect_md mode to IPIP tunnel")
    Fixes: 8d79266b ("ip6_tunnel: add collect_md mode to IPv6 tunnels")
    Acked-by: NDaniel Borkmann <daniel@iogearbox.net>
    Acked-by: NAlexei Starovoitov <ast@fb.com>
    Signed-off-by: NMartin KaFai Lau <kafai@fb.com>
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    4e3264d2
netdevice.h 136.2 KB