* [PATCH ipsec-next 1/3] ip_vti: not register vti_ipip_handler twice
2020-07-13 7:42 [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Xin Long
@ 2020-07-13 7:42 ` Xin Long
2020-07-13 7:42 ` [PATCH ipsec-next 2/3] ip6_vti: not register vti_ipv6_handler twice Xin Long
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Xin Long @ 2020-07-13 7:42 UTC (permalink / raw)
To: netdev; +Cc: Steffen Klassert, David S. Miller, Sabrina Dubroca
An xfrm_tunnel object is linked into the list when registering,
so vti_ipip_handler can not be registered twice, otherwise its
next pointer will be overwritten on the second time.
So this patch is to define a new xfrm_tunnel object to register
for AF_INET6.
Fixes: e6ce64570f24 ("ip_vti: support IPIP6 tunnel processing")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
net/ipv4/ip_vti.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index c0b97b8f..3e5d545 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -484,6 +484,13 @@ static struct xfrm_tunnel vti_ipip_handler __read_mostly = {
.err_handler = vti4_err,
.priority = 0,
};
+
+static struct xfrm_tunnel vti_ipip6_handler __read_mostly = {
+ .handler = vti_rcv_tunnel,
+ .cb_handler = vti_rcv_cb,
+ .err_handler = vti4_err,
+ .priority = 0,
+};
#endif
static int __net_init vti_init_net(struct net *net)
@@ -660,7 +667,7 @@ static int __init vti_init(void)
if (err < 0)
goto xfrm_tunnel_ipip_failed;
#if IS_ENABLED(CONFIG_IPV6)
- err = xfrm4_tunnel_register(&vti_ipip_handler, AF_INET6);
+ err = xfrm4_tunnel_register(&vti_ipip6_handler, AF_INET6);
if (err < 0)
goto xfrm_tunnel_ipip6_failed;
#endif
@@ -676,7 +683,7 @@ static int __init vti_init(void)
rtnl_link_failed:
#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
#if IS_ENABLED(CONFIG_IPV6)
- xfrm4_tunnel_deregister(&vti_ipip_handler, AF_INET6);
+ xfrm4_tunnel_deregister(&vti_ipip6_handler, AF_INET6);
xfrm_tunnel_ipip6_failed:
#endif
xfrm4_tunnel_deregister(&vti_ipip_handler, AF_INET);
@@ -699,7 +706,7 @@ static void __exit vti_fini(void)
rtnl_link_unregister(&vti_link_ops);
#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
#if IS_ENABLED(CONFIG_IPV6)
- xfrm4_tunnel_deregister(&vti_ipip_handler, AF_INET6);
+ xfrm4_tunnel_deregister(&vti_ipip6_handler, AF_INET6);
#endif
xfrm4_tunnel_deregister(&vti_ipip_handler, AF_INET);
#endif
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH ipsec-next 2/3] ip6_vti: not register vti_ipv6_handler twice
2020-07-13 7:42 [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Xin Long
2020-07-13 7:42 ` [PATCH ipsec-next 1/3] ip_vti: not register vti_ipip_handler twice Xin Long
@ 2020-07-13 7:42 ` Xin Long
2020-07-13 7:42 ` [PATCH ipsec-next 3/3] xfrm: interface: not xfrmi_ipv6/ipip_handler twice Xin Long
2020-07-16 6:32 ` [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Steffen Klassert
3 siblings, 0 replies; 5+ messages in thread
From: Xin Long @ 2020-07-13 7:42 UTC (permalink / raw)
To: netdev; +Cc: Steffen Klassert, David S. Miller, Sabrina Dubroca
An xfrm6_tunnel object is linked into the list when registering,
so vti_ipv6_handler can not be registered twice, otherwise its
next pointer will be overwritten on the second time.
So this patch is to define a new xfrm6_tunnel object to register
for AF_INET.
Fixes: 2ab110cbb0c0 ("ip6_vti: support IP6IP tunnel processing")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
net/ipv6/ip6_vti.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
index dfa93bc..18ec4ab 100644
--- a/net/ipv6/ip6_vti.c
+++ b/net/ipv6/ip6_vti.c
@@ -1236,6 +1236,13 @@ static struct xfrm6_tunnel vti_ipv6_handler __read_mostly = {
.err_handler = vti6_err,
.priority = 0,
};
+
+static struct xfrm6_tunnel vti_ip6ip_handler __read_mostly = {
+ .handler = vti6_rcv_tunnel,
+ .cb_handler = vti6_rcv_cb,
+ .err_handler = vti6_err,
+ .priority = 0,
+};
#endif
/**
@@ -1268,7 +1275,7 @@ static int __init vti6_tunnel_init(void)
err = xfrm6_tunnel_register(&vti_ipv6_handler, AF_INET6);
if (err < 0)
goto vti_tunnel_ipv6_failed;
- err = xfrm6_tunnel_register(&vti_ipv6_handler, AF_INET);
+ err = xfrm6_tunnel_register(&vti_ip6ip_handler, AF_INET);
if (err < 0)
goto vti_tunnel_ip6ip_failed;
#endif
@@ -1282,7 +1289,7 @@ static int __init vti6_tunnel_init(void)
rtnl_link_failed:
#if IS_ENABLED(CONFIG_INET6_XFRM_TUNNEL)
- err = xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET);
+ err = xfrm6_tunnel_deregister(&vti_ip6ip_handler, AF_INET);
vti_tunnel_ip6ip_failed:
err = xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
vti_tunnel_ipv6_failed:
@@ -1306,7 +1313,7 @@ static void __exit vti6_tunnel_cleanup(void)
{
rtnl_link_unregister(&vti6_link_ops);
#if IS_ENABLED(CONFIG_INET6_XFRM_TUNNEL)
- xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET);
+ xfrm6_tunnel_deregister(&vti_ip6ip_handler, AF_INET);
xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
#endif
xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH ipsec-next 3/3] xfrm: interface: not xfrmi_ipv6/ipip_handler twice
2020-07-13 7:42 [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Xin Long
2020-07-13 7:42 ` [PATCH ipsec-next 1/3] ip_vti: not register vti_ipip_handler twice Xin Long
2020-07-13 7:42 ` [PATCH ipsec-next 2/3] ip6_vti: not register vti_ipv6_handler twice Xin Long
@ 2020-07-13 7:42 ` Xin Long
2020-07-16 6:32 ` [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Steffen Klassert
3 siblings, 0 replies; 5+ messages in thread
From: Xin Long @ 2020-07-13 7:42 UTC (permalink / raw)
To: netdev; +Cc: Steffen Klassert, David S. Miller, Sabrina Dubroca
As we did in the last 2 patches for vti(6), this patch is to define a
new xfrm_tunnel object 'xfrmi_ipip6_handler' to register for AF_INET6,
and a new xfrm6_tunnel object 'xfrmi_ip6ip_handler' to register for
AF_INET.
Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
net/xfrm/xfrm_interface.c | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/net/xfrm/xfrm_interface.c b/net/xfrm/xfrm_interface.c
index a79eb49..5d50f1d 100644
--- a/net/xfrm/xfrm_interface.c
+++ b/net/xfrm/xfrm_interface.c
@@ -816,6 +816,13 @@ static struct xfrm6_tunnel xfrmi_ipv6_handler __read_mostly = {
.err_handler = xfrmi6_err,
.priority = -1,
};
+
+static struct xfrm6_tunnel xfrmi_ip6ip_handler __read_mostly = {
+ .handler = xfrmi6_rcv_tunnel,
+ .cb_handler = xfrmi_rcv_cb,
+ .err_handler = xfrmi6_err,
+ .priority = -1,
+};
#endif
static struct xfrm4_protocol xfrmi_esp4_protocol __read_mostly = {
@@ -854,6 +861,13 @@ static struct xfrm_tunnel xfrmi_ipip_handler __read_mostly = {
.err_handler = xfrmi4_err,
.priority = -1,
};
+
+static struct xfrm_tunnel xfrmi_ipip6_handler __read_mostly = {
+ .handler = xfrmi4_rcv_tunnel,
+ .cb_handler = xfrmi_rcv_cb,
+ .err_handler = xfrmi4_err,
+ .priority = -1,
+};
#endif
static int __init xfrmi4_init(void)
@@ -873,7 +887,7 @@ static int __init xfrmi4_init(void)
err = xfrm4_tunnel_register(&xfrmi_ipip_handler, AF_INET);
if (err < 0)
goto xfrm_tunnel_ipip_failed;
- err = xfrm4_tunnel_register(&xfrmi_ipip_handler, AF_INET6);
+ err = xfrm4_tunnel_register(&xfrmi_ipip6_handler, AF_INET6);
if (err < 0)
goto xfrm_tunnel_ipip6_failed;
#endif
@@ -897,7 +911,7 @@ static int __init xfrmi4_init(void)
static void xfrmi4_fini(void)
{
#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
- xfrm4_tunnel_deregister(&xfrmi_ipip_handler, AF_INET6);
+ xfrm4_tunnel_deregister(&xfrmi_ipip6_handler, AF_INET6);
xfrm4_tunnel_deregister(&xfrmi_ipip_handler, AF_INET);
#endif
xfrm4_protocol_deregister(&xfrmi_ipcomp4_protocol, IPPROTO_COMP);
@@ -922,7 +936,7 @@ static int __init xfrmi6_init(void)
err = xfrm6_tunnel_register(&xfrmi_ipv6_handler, AF_INET6);
if (err < 0)
goto xfrm_tunnel_ipv6_failed;
- err = xfrm6_tunnel_register(&xfrmi_ipv6_handler, AF_INET);
+ err = xfrm6_tunnel_register(&xfrmi_ip6ip_handler, AF_INET);
if (err < 0)
goto xfrm_tunnel_ip6ip_failed;
#endif
@@ -946,7 +960,7 @@ static int __init xfrmi6_init(void)
static void xfrmi6_fini(void)
{
#if IS_ENABLED(CONFIG_INET6_XFRM_TUNNEL)
- xfrm6_tunnel_deregister(&xfrmi_ipv6_handler, AF_INET);
+ xfrm6_tunnel_deregister(&xfrmi_ip6ip_handler, AF_INET);
xfrm6_tunnel_deregister(&xfrmi_ipv6_handler, AF_INET6);
#endif
xfrm6_protocol_deregister(&xfrmi_ipcomp6_protocol, IPPROTO_COMP);
--
2.1.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* Re: [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice
2020-07-13 7:42 [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Xin Long
` (2 preceding siblings ...)
2020-07-13 7:42 ` [PATCH ipsec-next 3/3] xfrm: interface: not xfrmi_ipv6/ipip_handler twice Xin Long
@ 2020-07-16 6:32 ` Steffen Klassert
3 siblings, 0 replies; 5+ messages in thread
From: Steffen Klassert @ 2020-07-16 6:32 UTC (permalink / raw)
To: Xin Long; +Cc: netdev, David S. Miller, Sabrina Dubroca
On Mon, Jul 13, 2020 at 03:42:35PM +0800, Xin Long wrote:
> Now in ip(6)_vti and xfrm interface tunnel support, it uses the
> same xfrm(6)_tunnel object to handle for AF_NET and AF_INET6 by
> registering it twice.
>
> However the xfrm(6)_tunnel object is linked into a list with its
> 'next' pointer. The second registering will cause its 'next'
> pointer to be overwritten, and break the list.
>
> So this patchset is to add a new xfrm(6)_tunnel object for each
> of them and register it, although its members are the same with
> the old one.
>
> Xin Long (3):
> ip_vti: not register vti_ipip_handler twice
> ip6_vti: not register vti_ipv6_handler twice
> xfrm: interface: not xfrmi_ipv6/ipip_handler twice
Applied, thanks Xin!
^ permalink raw reply [flat|nested] 5+ messages in thread