Don't use the inner header frag_off, this breaks GTP with fragments.
Instead, unconditionally set the DF flag, this should force us to
fragment the GTP traffic and I think this should also help with wrong
network topologies that result in network loops (that may
encapsulate GTP traffic over and over again).
Other tunnel implementations allow you to configure this.
This patch converts GTP_CMD_CFG_* genetlink commands to rtnl to
configure the socket address and the hashtable. The trick is to
use a workqueue to configure the socket.
This simplifies the netlink interface, now we have two:
* One to bring up the interface and the socket via rtnl.
* Another to configure tunnels / GTP version.
Before, the socket configuration was separated from the device
setup, which was sloppy.
Don't get confused with big GSO packets, we should not send
icmp frag needed as the temporary internal mtu of the linux
stack is not bounded to the real device mtu.
Fix MTU handling by using the real device hardware address length
and subtract the IP header + UDP header + GTPvX header.
While at it, remove flags that are not required to be reset.
This patch refactors the xmit path to consolidate the common
handling and move the specific IPv4/IPv6 handling to helper
functions. The IPv6 support is incomplete though.
This patch adds the struct gtp_pktinfo that contains the context
information for tunneling this packet. This should help to avoid
functions with lots of parameters.
Tested with IPv4, still working.
Harald's code was originally dropping malformed packets. Once this
code is ported to 3.14, we'll likely use iptunnel functions that
also mangle the checksum after stripping off the UDP header. Restoring
all that is expensive, so let's assume that malformed GTP packets are
unlikely to happen.
We cannot rely on the skb->len > sizeof(struct udphdr) checking that
happens just before the encapsulation since that doesn't guarantee
that the UDP header is linear. Calling __skb_pull may result in getting
us out of the skbuff head boundary. Let's use pskb_may_pull() instead
which internally calls __pskb_pull_tail() to linearize the UDP header
if needed.
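
The difference between the total-length check and pskb_may_pull(), as an added userspace example that is not part of the commit or the GTP module. `toy_skb`, `toy_may_pull()` and the other names are hypothetical stand-ins for the kernel structures, and the sample packet (destination port 2152) is constructed.

```c
/* Userspace model only: a toy stand-in for sk_buff, not kernel code. */
#include <string.h>
#define UDP_HLEN 8

struct toy_skb {
    unsigned char head[64];     /* linear area, like the skb head */
    size_t headlen;             /* bytes currently linear */
    const unsigned char *frag;  /* the rest sits in a paged fragment */
    size_t fraglen;
};

/* Constructed sample: UDP header (dest port 2152) plus 4 payload bytes. */
static const unsigned char sample_pkt[12] = {
    0x08, 0x68, 0x08, 0x68, 0x00, 0x0c, 0x00, 0x00, 0x30, 0xff, 0x00, 0x00 };

/* Split a flat packet so only `lin` bytes start out in the head. */
static void toy_skb_init(struct toy_skb *skb, const unsigned char *p,
                         size_t len, size_t lin)
{
    memcpy(skb->head, p, lin);
    skb->headlen = lin;
    skb->frag = p + lin;
    skb->fraglen = len - lin;
}

/* The check the commit calls insufficient: total length only. */
static int naive_len_check(const struct toy_skb *skb)
{
    return skb->headlen + skb->fraglen > UDP_HLEN;
}

/* Models pskb_may_pull(): make the first n bytes linear, or fail. */
static int toy_may_pull(struct toy_skb *skb, size_t n)
{
    size_t need = n > skb->headlen ? n - skb->headlen : 0;
    if (need > skb->fraglen || n > sizeof(skb->head))
        return 0;                       /* packet too short for n bytes */
    memcpy(skb->head + skb->headlen, skb->frag, need);  /* pull the tail */
    skb->frag += need;
    skb->fraglen -= need;
    skb->headlen += need;
    return 1;
}

/* UDP destination port, or -1 if the header cannot be made linear. */
static int udp_dest_port(struct toy_skb *skb)
{
    return toy_may_pull(skb, UDP_HLEN) ? (skb->head[2] << 8) | skb->head[3] : -1;
}
```

With only 4 of the 12 bytes linear, the length check passes although the head holds half a UDP header; the header fields are safe to read only after the pull step has copied the remainder into the head.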
This call is not required at all. In __udp4_lib_rcv, just before
the encapsulation routine is called, the skb_steal_sock() call
makes sure that skb->sk is always null.
The lists of the hashtable are already protected by rcu and
addition/removal of objects is protected via rtnl_lock and
genl_lock.
Remove the _bh from many rcu_read_{lock,unlock}(). I don't find a good
reason to disable bottom halves.
I think it's very hard to deploy any hashbomb attack since the
entries are created via netlink, but let's just avoid that someone
generates traffic to spend cycles on a busy hashtable chain.
We already use a hashtable, the size is still hardcoded but that
should be easy to fix. I think the hashtable is just fine, no
need to add a rb-tree here.
* gtp_nl.h now contains exported netlink attributes and commands to
userspace.
* gtp.h contains internal definition for the GTP protocol implementation.
If the gtp tunneling code receives a too small/malformed message,
just let it continue its travel through the stack since it will
just simply drop it itself.
This fixes a memory leak in this case, since we should release
the skbuff if the handler returns <= 0.
Several changes to get a working input handling:
* Set skb->dev to the tunnel device instead of the real_dev, to follow
the logical flow which is:
input packet -> eth0 -> gtp0
eth0 <- gtp0 <- output packet
* Set skb->ip_summed = CHECKSUM_NONE to avoid a crash in skb_checksum()
when forwarding the packet.
* dev_forward_skb(), among many other things, calls skb_scrub_packet()
which resets the skb->mark. We already reset what we need from the
input path and the mark should still remain the same for decapsulated
packets for netfilter/iptables classification. So use netif_rx()
instead.
After this patch, it already forwards a (yet malformed) packet to
the real device. GTPv1 receive path is yet untested, but similar
changes to those that were done to GTPv0 have been done.