git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commit

author	Antoine Tenart <atenart@kernel.org>
	Thu, 25 Mar 2021 15:35:32 +0000 (16:35 +0100)
committer	Stefan Bader <stefan.bader@canonical.com>
	Fri, 7 May 2021 07:53:34 +0000 (09:53 +0200)
commit	8a734168e62e2581f9997acc829903e9bc028f18
tree	0e8373465d13c01d903f4dcf343f5e3b5fd37f6c	tree
parent	79dc51df4c964dd39392ced191f8fb1465aa5759	commit \| diff

vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP reply

BugLink: https://bugs.launchpad.net/bugs/1926368
[ Upstream commit 30a93d2b7d5a7cbb53ac19c9364a256d1aa6c08a ]

When the interface is part of a bridge or an Open vSwitch port and a
packet exceed a PMTU estimate, an ICMP reply is sent to the sender. When
using the external mode (collect metadata) the source and destination
addresses are reversed, so that Open vSwitch can match the packet
against an existing (reverse) flow.

But inverting the source and destination addresses in the shared
ip_tunnel_info will make following packets of the flow to use a wrong
destination address (packets will be tunnelled to itself), if the flow
isn't updated. Which happens with Open vSwitch, until the flow times
out.

Fixes this by uncloning the skb's ip_tunnel_info before inverting its
source and destination addresses, so that the modification will only be
made for the PTMU packet, not the following ones.

Fixes: fc68c99577cc ("vxlan: Support for PMTU discovery on directly bridged links")
Tested-by: Eelco Chaudron <echaudro@redhat.com>
Reviewed-by: Eelco Chaudron <echaudro@redhat.com>
Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>