| Message ID | 20211201202519.3637005-3-andrew@lunn.ch (mailing list archive) |
|---|---|
| State | RFC |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | Fix traceroute in the presence of SRv6 | expand |
On 12/1/21 1:25 PM, Andrew Lunn wrote: > diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c > index a7c31ab67c5d..dd1fe8a822e3 100644 > --- a/net/ipv6/icmp.c > +++ b/net/ipv6/icmp.c > @@ -818,9 +819,40 @@ static void icmpv6_echo_reply(struct sk_buff *skb) > local_bh_enable(); > } > > +/* Determine if the invoking packet contains a segment routing header. > + * If it does, extract the true destination address, which is in the > + * first segment address > + */ > +static void icmpv6_notify_srh(struct sk_buff *skb, struct inet6_skb_parm *opt) > +{ > + __u16 network_header = skb->network_header; > + struct ipv6_sr_hdr *srh; > + > + /* Update network header to point to the invoking packet > + * inside the ICMP packet, so we can use the seg6_get_srh() > + * helper. > + */ > + skb_reset_network_header(skb); > + > + srh = seg6_get_srh(skb, 0); > + if (!srh) > + goto out; > + > + if (srh->type != IPV6_SRCRT_TYPE_4) > + goto out; > + > + opt->flags |= IP6SKB_SEG6; > + opt->srhoff = (unsigned char *)srh - skb->data; > + > +out: > + /* Restore the network header back to the ICMP packet */ > + skb->network_header = network_header; > +} > + since this is SR specific, why not put it in seg6.c?
On Thu, Dec 02, 2021 at 09:38:36AM -0700, David Ahern wrote: > On 12/1/21 1:25 PM, Andrew Lunn wrote: > > diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c > > index a7c31ab67c5d..dd1fe8a822e3 100644 > > --- a/net/ipv6/icmp.c > > +++ b/net/ipv6/icmp.c > > @@ -818,9 +819,40 @@ static void icmpv6_echo_reply(struct sk_buff *skb) > > local_bh_enable(); > > } > > > > +/* Determine if the invoking packet contains a segment routing header. > > + * If it does, extract the true destination address, which is in the > > + * first segment address > > + */ > > +static void icmpv6_notify_srh(struct sk_buff *skb, struct inet6_skb_parm *opt) > > +{ > > + __u16 network_header = skb->network_header; > > + struct ipv6_sr_hdr *srh; > > + > > + /* Update network header to point to the invoking packet > > + * inside the ICMP packet, so we can use the seg6_get_srh() > > + * helper. > > + */ > > + skb_reset_network_header(skb); > > + > > + srh = seg6_get_srh(skb, 0); > > + if (!srh) > > + goto out; > > + > > + if (srh->type != IPV6_SRCRT_TYPE_4) > > + goto out; > > + > > + opt->flags |= IP6SKB_SEG6; > > + opt->srhoff = (unsigned char *)srh - skb->data; > > + > > +out: > > + /* Restore the network header back to the ICMP packet */ > > + skb->network_header = network_header; > > +} > > + > > since this is SR specific, why not put it in seg6.c? Hi David I can move it. I was thinking it is only every going to be called from one location, so having it here the compiler will inline it. And it is also very specific to ICMP. If you are not thinking ICMP, you might not actually understand what it is doing. Andrew
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index 20c1f968da7c..a59d25f19385 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -133,6 +133,7 @@ struct inet6_skb_parm { __u16 dsthao; #endif __u16 frag_max_size; + __u16 srhoff; #define IP6SKB_XFRM_TRANSFORMED 1 #define IP6SKB_FORWARDED 2 @@ -142,6 +143,7 @@ struct inet6_skb_parm { #define IP6SKB_HOPBYHOP 32 #define IP6SKB_L3SLAVE 64 #define IP6SKB_JUMBOGRAM 128 +#define IP6SKB_SEG6 256 }; #if defined(CONFIG_NET_L3_MASTER_DEV) diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c index a7c31ab67c5d..dd1fe8a822e3 100644 --- a/net/ipv6/icmp.c +++ b/net/ipv6/icmp.c @@ -57,6 +57,7 @@ #include <net/protocol.h> #include <net/raw.h> #include <net/rawv6.h> +#include <net/seg6.h> #include <net/transp_v6.h> #include <net/ip6_route.h> #include <net/addrconf.h> @@ -818,9 +819,40 @@ static void icmpv6_echo_reply(struct sk_buff *skb) local_bh_enable(); } +/* Determine if the invoking packet contains a segment routing header. + * If it does, extract the true destination address, which is in the + * first segment address + */ +static void icmpv6_notify_srh(struct sk_buff *skb, struct inet6_skb_parm *opt) +{ + __u16 network_header = skb->network_header; + struct ipv6_sr_hdr *srh; + + /* Update network header to point to the invoking packet + * inside the ICMP packet, so we can use the seg6_get_srh() + * helper. + */ + skb_reset_network_header(skb); + + srh = seg6_get_srh(skb, 0); + if (!srh) + goto out; + + if (srh->type != IPV6_SRCRT_TYPE_4) + goto out; + + opt->flags |= IP6SKB_SEG6; + opt->srhoff = (unsigned char *)srh - skb->data; + +out: + /* Restore the network header back to the ICMP packet */ + skb->network_header = network_header; +} + void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info) { const struct inet6_protocol *ipprot; + struct inet6_skb_parm *opt = IP6CB(skb); int inner_offset; __be16 frag_off; u8 nexthdr; @@ -829,6 +861,8 @@ void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info) if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) goto out; + icmpv6_notify_srh(skb, opt); + nexthdr = ((struct ipv6hdr *)skb->data)->nexthdr; if (ipv6_ext_hdr(nexthdr)) { /* now skip over extension headers */ @@ -853,7 +887,7 @@ void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info) ipprot = rcu_dereference(inet6_protos[nexthdr]); if (ipprot && ipprot->err_handler) - ipprot->err_handler(skb, NULL, type, code, inner_offset, info); + ipprot->err_handler(skb, opt, type, code, inner_offset, info); raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info); return;
RFC8754 says: ICMP error packets generated within the SR domain are sent to source nodes within the SR domain. The invoking packet in the ICMP error message may contain an SRH. Since the destination address of a packet with an SRH changes as each segment is processed, it may not be the destination used by the socket or application that generated the invoking packet. For the source of an invoking packet to process the ICMP error message, the ultimate destination address of the IPv6 header may be required. The following logic is used to determine the destination address for use by protocol-error handlers. * Walk all extension headers of the invoking IPv6 packet to the routing extension header preceding the upper-layer header. - If routing header is type 4 Segment Routing Header (SRH) o The SID at Segment List[0] may be used as the destination address of the invoking packet. Mangle the skb so the network header points to the invoking packet inside the ICMP packet. The seg6 helpers can then be used on the skb to find any segment routing headers. If found, mark this fact in the IPv6 control block of the skb, and store the offset into the packet of the SRH. Then restore the skb back to its old state. Signed-off-by: Andrew Lunn <andrew@lunn.ch> --- include/linux/ipv6.h | 2 ++ net/ipv6/icmp.c | 36 +++++++++++++++++++++++++++++++++++- 2 files changed, 37 insertions(+), 1 deletion(-)