Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fca5fdf6 authored by Daniel Borkmann's avatar Daniel Borkmann Committed by David S. Miller
Browse files

ip_tunnels, bpf: define IP_TUNNEL_OPTS_MAX and use it 



eBPF defines this as BPF_TUNLEN_MAX and OVS just uses the hard-coded
value inside struct sw_flow_key. Thus, add and use IP_TUNNEL_OPTS_MAX
for this, which makes the code a bit more generic and allows to remove
BPF_TUNLEN_MAX from eBPF code.

Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 808c1b69

include/net/ip_tunnels.h

+7 −0
Original line number Diff line number Diff line
@@ -7,6 +7,8 @@ 
#include <linux/socket.h>

#include <linux/types.h>

#include <linux/u64_stats_sync.h>

#include <linux/bitops.h>



#include <net/dsfield.h>

#include <net/gro_cells.h>

#include <net/inet_ecn.h>
@@ -57,6 +59,11 @@ struct ip_tunnel_key { 
#define IP_TUNNEL_INFO_TX	0x01	/* represents tx tunnel parameters */

#define IP_TUNNEL_INFO_IPV6	0x02	/* key contains IPv6 addresses */



/* Maximum tunnel options length. */

#define IP_TUNNEL_OPTS_MAX					\

	GENMASK((FIELD_SIZEOF(struct ip_tunnel_info,		\

			      options_len) * BITS_PER_BYTE) - 1, 0)



struct ip_tunnel_info {

	struct ip_tunnel_key	key;

#ifdef CONFIG_DST_CACHE

net/core/filter.c

+2 −7
Original line number Diff line number Diff line
@@ -1904,8 +1904,6 @@ static const struct bpf_func_proto bpf_skb_set_tunnel_key_proto = { 
	.arg4_type	= ARG_ANYTHING,

};



#define BPF_TUNLEN_MAX	255



static u64 bpf_skb_set_tunnel_opt(u64 r1, u64 r2, u64 size, u64 r4, u64 r5)

{

	struct sk_buff *skb = (struct sk_buff *) (long) r1;
@@ -1915,7 +1913,7 @@ static u64 bpf_skb_set_tunnel_opt(u64 r1, u64 r2, u64 size, u64 r4, u64 r5) 


	if (unlikely(info != &md->u.tun_info || (size & (sizeof(u32) - 1))))

		return -EINVAL;

	if (unlikely(size > BPF_TUNLEN_MAX))

	if (unlikely(size > IP_TUNNEL_OPTS_MAX))

		return -ENOMEM;



	ip_tunnel_info_opts_set(info, from, size);
@@ -1936,13 +1934,10 @@ static const struct bpf_func_proto * 
bpf_get_skb_set_tunnel_proto(enum bpf_func_id which)

{

	if (!md_dst) {

		BUILD_BUG_ON(FIELD_SIZEOF(struct ip_tunnel_info,

					  options_len) != 1);



		/* Race is not possible, since it's called from verifier

		 * that is holding verifier mutex.

		 */

		md_dst = metadata_dst_alloc_percpu(BPF_TUNLEN_MAX,

		md_dst = metadata_dst_alloc_percpu(IP_TUNNEL_OPTS_MAX,

						   GFP_KERNEL);

		if (!md_dst)

			return NULL;

net/ipv4/ip_tunnel_core.c

+6 −0
Original line number Diff line number Diff line
@@ -398,6 +398,12 @@ static const struct lwtunnel_encap_ops ip6_tun_lwt_ops = { 


void __init ip_tunnel_core_init(void)

{

	/* If you land here, make sure whether increasing ip_tunnel_info's

	 * options_len is a reasonable choice with its usage in front ends

	 * (f.e., it's part of flow keys, etc).

	 */

	BUILD_BUG_ON(IP_TUNNEL_OPTS_MAX != 255);



	lwtunnel_encap_add_ops(&ip_tun_lwt_ops, LWTUNNEL_ENCAP_IP);

	lwtunnel_encap_add_ops(&ip6_tun_lwt_ops, LWTUNNEL_ENCAP_IP6);

}

net/openvswitch/flow.h

+1 −1
Original line number Diff line number Diff line
@@ -55,7 +55,7 @@ struct ovs_tunnel_info { 
	FIELD_SIZEOF(struct sw_flow_key, recirc_id))



struct sw_flow_key {

	u8 tun_opts[255];

	u8 tun_opts[IP_TUNNEL_OPTS_MAX];

	u8 tun_opts_len;

	struct ip_tunnel_key tun_key;	/* Encapsulating tunnel key. */

	struct {