Currently, bpf_lwt_push_ip_encap() does not update skb->transport_header. When a driver, e.g. ice, reuses the stale skb->transport_header to offload checksum computation to NIC hardware, VxLAN packets encapsulated by bpf_lwt_push_encap() helper may be dropped due to incorrect checksum.

Update skb->transport_header in bpf_lwt_push_ip_encap() whenever the encapsulated packet uses UDP, so checksum offload works correctly.

Fix these two issues reported by sashiko:

1. memcpy() hdr to a local buffer to avoid TOCTOU issue.
2. "iph->ihl < 5" was missing to avoid infinite-loop in MIPS driver.

Changes:
v1 -> v2:
 * Address sashiko's reviews:
 * Fix TOCTOU issue in lwt to avoid changing hdr after checks.
 * Add check iph->ihl < 5 in lwt to avoid infinite-loop in MIPS driver.
 * Update comment style in selftests with BPF comment style.
 * v1: https://lore.kernel.org/bpf/[email protected]/

Leon Hwang (4):
  bpf: Fix TOCTOU issue in lwt
  bpf: Add check iph->ihl < 5 in lwt
  bpf: Update transport_header when encapsulating UDP tunnel in lwt
  selftests/bpf: Add tests to verify the fix of encapsulating VxLAN in lwt

 net/core/lwt_bpf.c | 20 ++-
 .../selftests/bpf/prog_tests/lwt_ip_encap.c | 158 ++++++++++++++++++
 .../selftests/bpf/progs/test_lwt_ip_encap.c | 112 +++++++++++++
 .../bpf/progs/test_lwt_ip_encap_fix.c | 36 ++++
 4 files changed, 323 insertions(+), 3 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/test_lwt_ip_encap_fix.c

-- 
2.54.0
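The three checks this cover letter describes (snapshot the header before validating it, reject ihl < 5, set a transport offset only when the outer protocol is UDP), shown as an added user-space C sketch for the IPv4 case only. It is not code from the patch series; `struct ip4_hdr`, `encap_transport_offset()` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PROTO_UDP 17

/* Fixed 20-byte IPv4 header; user-space stand-in, hypothetical name. */
struct ip4_hdr {
    uint8_t  ver_ihl;            /* version: high nibble, ihl: low nibble */
    uint8_t  tos;
    uint16_t tot_len, id, frag_off;
    uint8_t  ttl, protocol;
    uint16_t check;
    uint32_t saddr, daddr;
};

/* Constructed sample: outer IPv4 (ihl=5, proto=UDP) + UDP header, dport 4789. */
const uint8_t sample_udp[28] = {
    0x45, 0, 0, 28, 0, 0, 0, 0, 64, PROTO_UDP, 0, 0, 10, 0, 0, 1, 10, 0, 0, 2,
    0x12, 0x34, 0x12, 0xb5, 0, 8, 0, 0,
};

/*
 * Returns the transport-header offset inside the encap header when the outer
 * protocol is UDP, 0 when there is nothing to set, -1 when hdr is invalid.
 */
int encap_transport_offset(const void *hdr, size_t len)
{
    struct ip4_hdr ip;
    size_t ihl_bytes;

    if (len < sizeof(ip))
        return -1;
    /* Snapshot first: every check below reads the copy, so a concurrent
     * writer to hdr cannot change a field after it has been validated. */
    memcpy(&ip, hdr, sizeof(ip));
    if ((ip.ver_ihl >> 4) != 4)
        return -1;
    ihl_bytes = (size_t)(ip.ver_ihl & 0x0f) * 4;
    if (ihl_bytes < sizeof(ip) || ihl_bytes > len)  /* ihl < 5, or past buffer */
        return -1;
    return ip.protocol == PROTO_UDP ? (int)ihl_bytes : 0;
}

int main(void)
{
    printf("transport offset: %d\n", encap_transport_offset(sample_udp, sizeof(sample_udp)));
    return 0;
}
```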

