lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 12 Mar 2023 14:07:05 +0800
From:   Vladimir Nikishkin <vladimir@...ishkin.pw>
To:     netdev@...r.kernel.org
Subject: [PATCH net-next v1 1/1] vxlan: Make vxlan try without a local
 bypass, if bypass fails.

From: Vladimir Nikishkin <vladimir@...ishkin.pw>
Date: Sun, 19 Feb 2023 21:24:49 +0800
Subject: [PATCH net-next v1 1/1] vxlan: Make vxlan try without a local bypass, if bypass fails.
Signed-off-by: Vladimir Nikishkin <vladimir@...ishkin.pw>
>From 8650e2e742b7a2cd6c35d1c034084b9f68e0f112 Mon Sep 17 00:00:00 2001
In vxlan_core, if an fdb entry is pointing to a local
address with some port, the system tries to get the packet to
deliver the packet to the vxlan directly, bypassing the network
stack.

This patch makes it still try canonical delivery, if there is no
linux kernel vxlan listening on this port. This will be useful
for the cases when there is some userspace daemon expecting
vxlan packets for post-processing, or some other implementation
of vxlan.

---
 drivers/net/vxlan/vxlan_core.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/drivers/net/vxlan/vxlan_core.c b/drivers/net/vxlan/vxlan_core.c
index b1b179effe2a..0379902da766 100644
--- a/drivers/net/vxlan/vxlan_core.c
+++ b/drivers/net/vxlan/vxlan_core.c
@@ -2422,19 +2422,13 @@ static int encap_bypass_if_local(struct sk_buff *skb, struct net_device *dev,
 	if (rt_flags & RTCF_LOCAL &&
 	    !(rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))) {
 		struct vxlan_dev *dst_vxlan;
-
-		dst_release(dst);
 		dst_vxlan = vxlan_find_vni(vxlan->net, dst_ifindex, vni,
 					   daddr->sa.sa_family, dst_port,
 					   vxlan->cfg.flags);
 		if (!dst_vxlan) {
-			dev->stats.tx_errors++;
-			vxlan_vnifilter_count(vxlan, vni, NULL,
-					      VXLAN_VNI_STATS_TX_ERRORS, 0);
-			kfree_skb(skb);
-
-			return -ENOENT;
+			return 0;
 		}
+		dst_release(dst);
 		vxlan_encap_bypass(skb, vxlan, dst_vxlan, vni, true);
 		return 1;
 	}
-- 
2.35.7


-- 
Your sincerely,
Vladimir Nikishkin (MiEr, lockywolf)
(Laptop)
--
Fastmail.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ