| From foo@baz Fri 03 Apr 2020 11:04:16 AM CEST |
| From: William Dauchy <w.dauchy@criteo.com> |
| Date: Fri, 27 Mar 2020 19:56:39 +0100 |
| Subject: net, ip_tunnel: fix interface lookup with no key |
| |
| From: William Dauchy <w.dauchy@criteo.com> |
| |
| [ Upstream commit 25629fdaff2ff509dd0b3f5ff93d70a75e79e0a1 ] |
| |
| when creating a new ipip interface with no local/remote configuration, |
| the lookup is done with TUNNEL_NO_KEY flag, making it impossible to |
| match the new interface (only possible match being fallback or metada |
| case interface); e.g: `ip link add tunl1 type ipip dev eth0` |
| |
| To fix this case, adding a flag check before the key comparison so we |
| permit to match an interface with no local/remote config; it also avoids |
| breaking possible userland tools relying on TUNNEL_NO_KEY flag and |
| uninitialised key. |
| |
| context being on my side, I'm creating an extra ipip interface attached |
| to the physical one, and moving it to a dedicated namespace. |
| |
| Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.") |
| Signed-off-by: William Dauchy <w.dauchy@criteo.com> |
| Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv4/ip_tunnel.c | 6 +----- |
| 1 file changed, 1 insertion(+), 5 deletions(-) |
| |
| --- a/net/ipv4/ip_tunnel.c |
| +++ b/net/ipv4/ip_tunnel.c |
| @@ -155,11 +155,8 @@ struct ip_tunnel *ip_tunnel_lookup(struc |
| cand = t; |
| } |
| |
| - if (flags & TUNNEL_NO_KEY) |
| - goto skip_key_lookup; |
| - |
| hlist_for_each_entry_rcu(t, head, hash_node) { |
| - if (t->parms.i_key != key || |
| + if ((!(flags & TUNNEL_NO_KEY) && t->parms.i_key != key) || |
| t->parms.iph.saddr != 0 || |
| t->parms.iph.daddr != 0 || |
| !(t->dev->flags & IFF_UP)) |
| @@ -171,7 +168,6 @@ struct ip_tunnel *ip_tunnel_lookup(struc |
| cand = t; |
| } |
| |
| -skip_key_lookup: |
| if (cand) |
| return cand; |
| |