> On 2018年9月10日, at 下午11:36, Jiri Benc <jb...@redhat.com> wrote:
>
> On Mon, 10 Sep 2018 16:25:09 +0800, Haishuang Yan wrote:
>> + if (gre_parse_header(skb, &tpi, &csum_err, htons(ETH_P_IPV6),
>> + offset) < 0) {
>> + if (!csum_err) /* ignore csum errors. */
>> + return;
>> }
>
> gre_parse_header stops parsing when csum_err is encountered. Which
> means tpi.key is undefined...
>
>>
>> - if (!pskb_may_pull(skb, offset + grehlen))
>> - return;
>> ipv6h = (const struct ipv6hdr *)skb->data;
>> - greh = (const struct gre_base_hdr *)(skb->data + offset);
>> - key = key_off ? *(__be32 *)(skb->data + key_off) : 0;
>> -
>> t = ip6gre_tunnel_lookup(skb->dev, &ipv6h->daddr, &ipv6h->saddr,
>> - key, greh->protocol);
>> + tpi.key, tpi.proto);
>
> ...and can't be used here.
>
> Jiri
>
You are right. Thanks for reviewing. So the same problem also arise in
ipgre_err code:
187 iph = (const struct iphdr *)(icmp_hdr(skb) + 1);
188 t = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi->flags,
189 iph->daddr, iph->saddr, tpi->key);
Since csum_err may not be used outside, how about refactoring gre_parse_header
function like this:
--- a/net/ipv4/gre_demux.c
+++ b/net/ipv4/gre_demux.c
@@ -86,7 +86,7 @@ int gre_parse_header(struct sk_buff *skb, struct tnl_ptk_info
*tpi,
options = (__be32 *)(greh + 1);
if (greh->flags & GRE_CSUM) {
- if (skb_checksum_simple_validate(skb)) {
+ if (csum_err && skb_checksum_simple_validate(skb)) {
*csum_err = true;
return -EINVAL;
}
And in gre_err function, we can call gre_parse_header(skb, &tpi, NULL, **) like
this:
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -234,11 +234,9 @@ static void gre_err(struct sk_buff *skb, u32 info)
struct tnl_ptk_info tpi;
bool csum_err = false;
- if (gre_parse_header(skb, &tpi, &csum_err, htons(ETH_P_IP),
- iph->ihl * 4) < 0) {
- if (!csum_err) /* ignore csum errors. */
+ if (gre_parse_header(skb, &tpi, NULL, htons(ETH_P_IP),
+ iph->ihl * 4) < 0)
return;
- }
