[PATCHv2,ipsec-next,06/10] ip6_vti: support IP6IP6 tunnel processing with .cb_handler

Message ID 1b18c11f965775fed2647eb78071af89177a70b5.1593502515.git.lucien.xin@gmail.com
State New
Headers show
Series
  • xfrm: support ipip and ipv6 tunnels in vti and xfrmi
Related show

Commit Message

Xin Long June 30, 2020, 7:36 a.m.
Similar to IPIP tunnel's processing, this patch is to support
IP6IP6 tunnel processing with .cb_handler.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
 net/ipv6/ip6_vti.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

Comments

Xin Long July 5, 2020, 4:57 p.m. | #1
On Fri, Jul 3, 2020 at 7:33 AM kernel test robot <lkp@intel.com> wrote:
>

> Hi Xin,

>

> Thank you for the patch! Yet something to improve:

>

> [auto build test ERROR on ipsec-next/master]

>

> url:    https://github.com/0day-ci/linux/commits/Xin-Long/xfrm-support-ipip-and-ipv6-tunnels-in-vti-and-xfrmi/20200630-154042

> base:   https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git master

> config: x86_64-lkp (attached as .config)

> compiler: gcc-9 (Debian 9.3.0-14) 9.3.0

> reproduce (this is a W=1 build):

>         # save the attached .config to linux build tree

>         make W=1 ARCH=x86_64

>

> If you fix the issue, kindly add following tag as appropriate

> Reported-by: kernel test robot <lkp@intel.com>

>

> All errors (new ones prefixed by >>, old ones prefixed by <<):

>

> >> ERROR: modpost: "xfrm6_tunnel_spi_lookup" [net/ipv6/ip6_vti.ko] undefined!

That's right, I will add "#ifdef CONFIG_INET6_XFRM_TUNNEL" to fix this.
Actually, for ipv4 one, we also need "#ifdef CONFIG_INET_XFRM_TUNNEL".
It is because in vti(6) and xfrmi this feature is also for  IPComp(6),
 the same as xfrm(6)_tunnel in xfrm route.

Thanks for the report.

>

> ---

> 0-DAY CI Kernel Test Service, Intel Corporation

> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Patch

diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
index 1147f64..2161648 100644
--- a/net/ipv6/ip6_vti.c
+++ b/net/ipv6/ip6_vti.c
@@ -343,6 +343,17 @@  static int vti6_rcv(struct sk_buff *skb)
 	return vti6_input_proto(skb, nexthdr, 0, 0);
 }
 
+static int vti6_rcv_tunnel(struct sk_buff *skb)
+{
+	const xfrm_address_t *saddr;
+	__be32 spi;
+
+	saddr = (const xfrm_address_t *)&ipv6_hdr(skb)->saddr;
+	spi = xfrm6_tunnel_spi_lookup(dev_net(skb->dev), saddr);
+
+	return vti6_input_proto(skb, IPPROTO_IPV6, spi, 0);
+}
+
 static int vti6_rcv_cb(struct sk_buff *skb, int err)
 {
 	unsigned short family;
@@ -1218,6 +1229,13 @@  static struct xfrm6_protocol vti_ipcomp6_protocol __read_mostly = {
 	.priority	=	100,
 };
 
+static struct xfrm6_tunnel vti_ipv6_handler __read_mostly = {
+	.handler	=	vti6_rcv_tunnel,
+	.cb_handler	=	vti6_rcv_cb,
+	.err_handler	=	vti6_err,
+	.priority	=	0,
+};
+
 /**
  * vti6_tunnel_init - register protocol and reserve needed resources
  *
@@ -1243,6 +1261,10 @@  static int __init vti6_tunnel_init(void)
 	err = xfrm6_protocol_register(&vti_ipcomp6_protocol, IPPROTO_COMP);
 	if (err < 0)
 		goto xfrm_proto_comp_failed;
+	msg = "ipv6 tunnel";
+	err = xfrm6_tunnel_register(&vti_ipv6_handler, AF_INET6);
+	if (err < 0)
+		goto vti_tunnel_failed;
 
 	msg = "netlink interface";
 	err = rtnl_link_register(&vti6_link_ops);
@@ -1252,6 +1274,8 @@  static int __init vti6_tunnel_init(void)
 	return 0;
 
 rtnl_link_failed:
+	err = xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
+vti_tunnel_failed:
 	xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
 xfrm_proto_comp_failed:
 	xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
@@ -1270,6 +1294,7 @@  static int __init vti6_tunnel_init(void)
 static void __exit vti6_tunnel_cleanup(void)
 {
 	rtnl_link_unregister(&vti6_link_ops);
+	xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
 	xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
 	xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
 	xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);