2018-09-10 14:26:02

by Haishuang Yan

Subject: [PATCH 1/2] erspan: return PACKET_REJECT when the appropriate tunnel is not found

If erspan tunnel hasn't been established, we'd better send icmp port
unreachable message after receive erspan packets.

Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
Cc: William Tu <[email protected]>
Signed-off-by: Haishuang Yan <[email protected]>
---
net/ipv4/ip_gre.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index ae714ae..85a714d 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -328,6 +328,8 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi,
ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
return PACKET_RCVD;
}
+ return PACKET_REJECT;
+
drop:
kfree_skb(skb);
return PACKET_RCVD;
--
1.8.3.1

2018-09-10 14:26:40

by Haishuang Yan

Subject: [PATCH 2/2] erspan: fix error handling for erspan tunnel

When processing icmp unreachable message for erspan tunnel, tunnel id
should be erspan_net_id instead of ipgre_net_id.

Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
Cc: William Tu <[email protected]>
Signed-off-by: Haishuang Yan <[email protected]>
---
net/ipv4/ip_gre.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 85a714d..8cce0e9 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -178,6 +178,9 @@ static void ipgre_err(struct sk_buff *skb, u32 info,

if (tpi->proto == htons(ETH_P_TEB))
itn = net_generic(net, gre_tap_net_id);
+ else if (tpi->proto == htons(ETH_P_ERSPAN) ||
+ tpi->proto == htons(ETH_P_ERSPAN2))
+ itn = net_generic(net, erspan_net_id);
else
itn = net_generic(net, ipgre_net_id);

--
1.8.3.1

2018-09-10 15:55:25

by William Tu

Subject: Re: [PATCH 2/2] erspan: fix error handling for erspan tunnel

On Mon, Sep 10, 2018 at 7:20 AM Haishuang Yan
<[email protected]> wrote:
>
> When processing icmp unreachable message for erspan tunnel, tunnel id
> should be erspan_net_id instead of ipgre_net_id.
>
> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
> Cc: William Tu <[email protected]>
> Signed-off-by: Haishuang Yan <[email protected]>
> ---

Thanks for the fix.
Acked-by: William Tu <[email protected]>

2018-09-10 15:56:36

by William Tu

Subject: Re: [PATCH 1/2] erspan: return PACKET_REJECT when the appropriate tunnel is not found

On Mon, Sep 10, 2018 at 7:20 AM Haishuang Yan
<[email protected]> wrote:
>
> If erspan tunnel hasn't been established, we'd better send icmp port
> unreachable message after receive erspan packets.
>
> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
> Cc: William Tu <[email protected]>
> Signed-off-by: Haishuang Yan <[email protected]>
> ---

LGTM.
Acked-by: William Tu <[email protected]>

2018-09-12 06:52:51

by David Miller

Subject: Re: [PATCH 1/2] erspan: return PACKET_REJECT when the appropriate tunnel is not found

From: Haishuang Yan <[email protected]>
Date: Mon, 10 Sep 2018 22:19:47 +0800

> If erspan tunnel hasn't been established, we'd better send icmp port
> unreachable message after receive erspan packets.
>
> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
> Cc: William Tu <[email protected]>
> Signed-off-by: Haishuang Yan <[email protected]>

Applied and queued up for -stable.

2018-09-12 06:54:22

by David Miller

Subject: Re: [PATCH 2/2] erspan: fix error handling for erspan tunnel

From: Haishuang Yan <[email protected]>
Date: Mon, 10 Sep 2018 22:19:48 +0800

> When processing icmp unreachable message for erspan tunnel, tunnel id
> should be erspan_net_id instead of ipgre_net_id.
>
> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
> Cc: William Tu <[email protected]>
> Signed-off-by: Haishuang Yan <[email protected]>

Applied and queued up for -stable.