OpenWrt – Blame information for rev 2
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | From: "Jason A. Donenfeld" <Jason@zx2c4.com> |
2 | Date: Wed, 30 May 2018 20:43:15 +0200 |
||
3 | Subject: [PATCH] netfilter: nf_flow_table: attach dst to skbs |
||
4 | |||
5 | Some drivers, such as vxlan and wireguard, use the skb's dst in order to |
||
6 | determine things like PMTU. They therefore loose functionality when flow |
||
7 | offloading is enabled. So, we ensure the skb has it before xmit'ing it |
||
8 | in the offloading path. |
||
9 | |||
10 | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> |
||
11 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |
||
12 | --- |
||
13 | |||
14 | --- a/net/netfilter/nf_flow_table_ip.c |
||
15 | +++ b/net/netfilter/nf_flow_table_ip.c |
||
16 | @@ -220,7 +220,7 @@ nf_flow_offload_ip_hook(void *priv, stru |
||
17 | enum flow_offload_tuple_dir dir; |
||
18 | struct flow_offload *flow; |
||
19 | struct net_device *outdev; |
||
20 | - const struct rtable *rt; |
||
21 | + struct rtable *rt; |
||
22 | unsigned int thoff; |
||
23 | struct iphdr *iph; |
||
24 | __be32 nexthop; |
||
25 | @@ -241,7 +241,7 @@ nf_flow_offload_ip_hook(void *priv, stru |
||
26 | |||
27 | dir = tuplehash->tuple.dir; |
||
28 | flow = container_of(tuplehash, struct flow_offload, tuplehash[dir]); |
||
29 | - rt = (const struct rtable *)flow->tuplehash[!dir].tuple.dst_cache; |
||
30 | + rt = (struct rtable *)flow->tuplehash[!dir].tuple.dst_cache; |
||
31 | |||
32 | if (unlikely(nf_flow_exceeds_mtu(skb, flow->tuplehash[dir].tuple.mtu)) && |
||
33 | (ip_hdr(skb)->frag_off & htons(IP_DF)) != 0) |
||
34 | @@ -264,6 +264,7 @@ nf_flow_offload_ip_hook(void *priv, stru |
||
35 | |||
36 | skb->dev = outdev; |
||
37 | nexthop = rt_nexthop(rt, flow->tuplehash[!dir].tuple.src_v4.s_addr); |
||
38 | + skb_dst_set_noref(skb, &rt->dst); |
||
39 | neigh_xmit(NEIGH_ARP_TABLE, outdev, &nexthop, skb); |
||
40 | |||
41 | return NF_STOLEN; |
||
42 | @@ -480,6 +481,7 @@ nf_flow_offload_ipv6_hook(void *priv, st |
||
43 | |||
44 | skb->dev = outdev; |
||
45 | nexthop = rt6_nexthop(rt, &flow->tuplehash[!dir].tuple.src_v6); |
||
46 | + skb_dst_set_noref(skb, &rt->dst); |
||
47 | neigh_xmit(NEIGH_ND_TABLE, outdev, nexthop, skb); |
||
48 | |||
49 | return NF_STOLEN; |