ip_tunnels: Use skb-len to PMTU check.
In path mtu check, ip header total length works for gre device
but not for gre-tap device. Use skb len which is consistent
for all tunneling types. This is old bug in gre.
This also fixes mtu calculation bug introduced by
commit c544193214
(GRE: Refactor GRE tunneling code).
Reported-by: Timo Teras <timo.teras@iki.fi>
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
784771e74b
commit
23a3647bc4
|
@ -472,6 +472,54 @@ drop:
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(ip_tunnel_rcv);
|
EXPORT_SYMBOL_GPL(ip_tunnel_rcv);
|
||||||
|
|
||||||
|
static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb,
|
||||||
|
struct rtable *rt, __be16 df)
|
||||||
|
{
|
||||||
|
struct ip_tunnel *tunnel = netdev_priv(dev);
|
||||||
|
int pkt_size = skb->len - tunnel->hlen;
|
||||||
|
int mtu;
|
||||||
|
|
||||||
|
if (df)
|
||||||
|
mtu = dst_mtu(&rt->dst) - dev->hard_header_len
|
||||||
|
- sizeof(struct iphdr) - tunnel->hlen;
|
||||||
|
else
|
||||||
|
mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
|
||||||
|
|
||||||
|
if (skb_dst(skb))
|
||||||
|
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
|
||||||
|
|
||||||
|
if (skb->protocol == htons(ETH_P_IP)) {
|
||||||
|
if (!skb_is_gso(skb) &&
|
||||||
|
(df & htons(IP_DF)) && mtu < pkt_size) {
|
||||||
|
memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
|
||||||
|
icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
|
||||||
|
return -E2BIG;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
else if (skb->protocol == htons(ETH_P_IPV6)) {
|
||||||
|
struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
|
||||||
|
|
||||||
|
if (rt6 && mtu < dst_mtu(skb_dst(skb)) &&
|
||||||
|
mtu >= IPV6_MIN_MTU) {
|
||||||
|
if ((tunnel->parms.iph.daddr &&
|
||||||
|
!ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
|
||||||
|
rt6->rt6i_dst.plen == 128) {
|
||||||
|
rt6->rt6i_flags |= RTF_MODIFIED;
|
||||||
|
dst_metric_set(skb_dst(skb), RTAX_MTU, mtu);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!skb_is_gso(skb) && mtu >= IPV6_MIN_MTU &&
|
||||||
|
mtu < pkt_size) {
|
||||||
|
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
|
||||||
|
return -E2BIG;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
|
void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
|
||||||
const struct iphdr *tnl_params, const u8 protocol)
|
const struct iphdr *tnl_params, const u8 protocol)
|
||||||
{
|
{
|
||||||
|
@ -483,7 +531,6 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
|
||||||
struct rtable *rt; /* Route to the other host */
|
struct rtable *rt; /* Route to the other host */
|
||||||
unsigned int max_headroom; /* The extra header space needed */
|
unsigned int max_headroom; /* The extra header space needed */
|
||||||
__be32 dst;
|
__be32 dst;
|
||||||
int mtu;
|
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
inner_iph = (const struct iphdr *)skb_inner_network_header(skb);
|
inner_iph = (const struct iphdr *)skb_inner_network_header(skb);
|
||||||
|
@ -560,51 +607,11 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
|
||||||
dev->stats.collisions++;
|
dev->stats.collisions++;
|
||||||
goto tx_error;
|
goto tx_error;
|
||||||
}
|
}
|
||||||
df = tnl_params->frag_off;
|
|
||||||
|
|
||||||
if (df)
|
if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off)) {
|
||||||
mtu = dst_mtu(&rt->dst) - dev->hard_header_len
|
ip_rt_put(rt);
|
||||||
- sizeof(struct iphdr);
|
goto tx_error;
|
||||||
else
|
|
||||||
mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
|
|
||||||
|
|
||||||
if (skb_dst(skb))
|
|
||||||
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
|
|
||||||
|
|
||||||
if (skb->protocol == htons(ETH_P_IP)) {
|
|
||||||
df |= (inner_iph->frag_off&htons(IP_DF));
|
|
||||||
|
|
||||||
if (!skb_is_gso(skb) &&
|
|
||||||
(inner_iph->frag_off&htons(IP_DF)) &&
|
|
||||||
mtu < ntohs(inner_iph->tot_len)) {
|
|
||||||
memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
|
|
||||||
icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
|
|
||||||
ip_rt_put(rt);
|
|
||||||
goto tx_error;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
#if IS_ENABLED(CONFIG_IPV6)
|
|
||||||
else if (skb->protocol == htons(ETH_P_IPV6)) {
|
|
||||||
struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
|
|
||||||
|
|
||||||
if (rt6 && mtu < dst_mtu(skb_dst(skb)) &&
|
|
||||||
mtu >= IPV6_MIN_MTU) {
|
|
||||||
if ((tunnel->parms.iph.daddr &&
|
|
||||||
!ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
|
|
||||||
rt6->rt6i_dst.plen == 128) {
|
|
||||||
rt6->rt6i_flags |= RTF_MODIFIED;
|
|
||||||
dst_metric_set(skb_dst(skb), RTAX_MTU, mtu);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!skb_is_gso(skb) && mtu >= IPV6_MIN_MTU &&
|
|
||||||
mtu < skb->len) {
|
|
||||||
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
|
|
||||||
ip_rt_put(rt);
|
|
||||||
goto tx_error;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (tunnel->net != dev_net(dev))
|
if (tunnel->net != dev_net(dev))
|
||||||
skb_scrub_packet(skb);
|
skb_scrub_packet(skb);
|
||||||
|
@ -631,6 +638,10 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
|
||||||
ttl = ip4_dst_hoplimit(&rt->dst);
|
ttl = ip4_dst_hoplimit(&rt->dst);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
df = tnl_params->frag_off;
|
||||||
|
if (skb->protocol == htons(ETH_P_IP))
|
||||||
|
df |= (inner_iph->frag_off&htons(IP_DF));
|
||||||
|
|
||||||
max_headroom = LL_RESERVED_SPACE(rt->dst.dev) + sizeof(struct iphdr)
|
max_headroom = LL_RESERVED_SPACE(rt->dst.dev) + sizeof(struct iphdr)
|
||||||
+ rt->dst.header_len;
|
+ rt->dst.header_len;
|
||||||
if (max_headroom > dev->needed_headroom) {
|
if (max_headroom > dev->needed_headroom) {
|
||||||
|
|
Loading…
Reference in New Issue