[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250627152934.6379eefc@kernel.org>
Date: Fri, 27 Jun 2025 15:29:34 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Nicolas Dichtel <nicolas.dichtel@...nd.com>
Cc: "David S . Miller" <davem@...emloft.net>, Paolo Abeni
<pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>, Simon Horman
<horms@...nel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2] ip6_tunnel: enable to change proto of fb
tunnels
On Thu, 26 Jun 2025 23:55:09 +0200 Nicolas Dichtel wrote:
> I finally checked all params, let's do this properly (:
Nice :)
> -static void ip6_tnl0_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p)
> +static int ip6_tnl0_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p,
> + bool strict)
> {
> - /* for default tnl0 device allow to change only the proto */
> + /* For the default ip6tnl0 device, allow changing only the protocol (the
nit: the "(the" may look better on the next line?
> + * IP6_TNL_F_CAP_PER_PACKET flag is set on ip6tnl0, and all other
> + * parameters are 0).
> + */
> + if (strict &&
> + (!ipv6_addr_any(&p->laddr) || !ipv6_addr_any(&p->raddr) ||
> + p->flags != t->parms.flags || p->hop_limit || p->encap_limit ||
> + p->flowinfo || p->link || p->fwmark || p->collect_md))
> + return -EINVAL;
> +
> t->parms.proto = p->proto;
> netdev_state_change(t->dev);
> + return 0;
> }
>
> static void
> @@ -1680,7 +1691,7 @@ ip6_tnl_siocdevprivate(struct net_device *dev, struct ifreq *ifr,
> } else
> t = netdev_priv(dev);
> if (dev == ip6n->fb_tnl_dev)
> - ip6_tnl0_update(t, &p1);
> + ip6_tnl0_update(t, &p1, false);
> else
> ip6_tnl_update(t, &p1);
> }
> @@ -2053,8 +2064,31 @@ static int ip6_tnl_changelink(struct net_device *dev, struct nlattr *tb[],
> struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
> struct ip_tunnel_encap ipencap;
>
> - if (dev == ip6n->fb_tnl_dev)
> - return -EINVAL;
> + if (dev == ip6n->fb_tnl_dev) {
> + struct ip6_tnl *t = netdev_priv(ip6n->fb_tnl_dev);
the compiler complains that t is declared here but not used..
> +
> + if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
> + /* iproute2 always sets TUNNEL_ENCAP_FLAG_CSUM6, so
> + * let's ignore this flag.
> + */
> + ipencap.flags &= ~TUNNEL_ENCAP_FLAG_CSUM6;
> + if (memchr_inv(&ipencap, 0, sizeof(ipencap))) {
> + NL_SET_ERR_MSG(extack,
> + "Only protocol can be changed for fallback tunnel, not encap params");
> + return -EINVAL;
> + }
> + }
> +
> + ip6_tnl_netlink_parms(data, &p);
> + if (ip6_tnl0_update(netdev_priv(ip6n->fb_tnl_dev), &p,
.. you probably meant to use it here?
--
pw-bot: cr
Powered by blists - more mailing lists