Skip to content

Commit c75fc0b

Browse files
ummakynesummakynes
committed
gtp: identify tunnel via GTP device + GTP version + TEID + family
This allows to define a GTP tunnel for dual stack MS/UE with both IPv4 and IPv6 addresses while using the same TEID via two PDP context objects. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 parent e30ea48 commit c75fc0b

1 file changed

Lines changed: 63 additions & 22 deletions

File tree

drivers/net/gtp.c

Lines changed: 63 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -141,31 +141,33 @@ static u32 ipv6_hashfn(const struct in6_addr *ip6)
141141
}
142142

143143
/* Resolve a PDP context structure based on the 64bit TID. */
144-
static struct pdp_ctx *gtp0_pdp_find(struct gtp_dev *gtp, u64 tid)
144+
static struct pdp_ctx *gtp0_pdp_find(struct gtp_dev *gtp, u64 tid, u16 family)
145145
{
146146
struct hlist_head *head;
147147
struct pdp_ctx *pdp;
148148

149149
head = &gtp->tid_hash[gtp0_hashfn(tid) % gtp->hash_size];
150150

151151
hlist_for_each_entry_rcu(pdp, head, hlist_tid) {
152-
if (pdp->gtp_version == GTP_V0 &&
152+
if (pdp->af == family &&
153+
pdp->gtp_version == GTP_V0 &&
153154
pdp->u.v0.tid == tid)
154155
return pdp;
155156
}
156157
return NULL;
157158
}
158159

159160
/* Resolve a PDP context structure based on the 32bit TEI. */
160-
static struct pdp_ctx *gtp1_pdp_find(struct gtp_dev *gtp, u32 tid)
161+
static struct pdp_ctx *gtp1_pdp_find(struct gtp_dev *gtp, u32 tid, u16 family)
161162
{
162163
struct hlist_head *head;
163164
struct pdp_ctx *pdp;
164165

165166
head = &gtp->tid_hash[gtp1u_hashfn(tid) % gtp->hash_size];
166167

167168
hlist_for_each_entry_rcu(pdp, head, hlist_tid) {
168-
if (pdp->gtp_version == GTP_V1 &&
169+
if (pdp->af == family &&
170+
pdp->gtp_version == GTP_V1 &&
169171
pdp->u.v1.i_tei == tid)
170172
return pdp;
171173
}
@@ -305,15 +307,8 @@ static int gtp_inner_proto(struct sk_buff *skb, unsigned int hdrlen,
305307
}
306308

307309
static int gtp_rx(struct pdp_ctx *pctx, struct sk_buff *skb,
308-
unsigned int hdrlen, unsigned int role)
310+
unsigned int hdrlen, unsigned int role, __u16 inner_proto)
309311
{
310-
__u16 inner_proto;
311-
312-
if (gtp_inner_proto(skb, hdrlen, &inner_proto) < 0) {
313-
netdev_dbg(pctx->dev, "GTP packet does not encapsulate an IP packet\n");
314-
return -1;
315-
}
316-
317312
if (!gtp_check_ms(skb, pctx, hdrlen, role, inner_proto)) {
318313
netdev_dbg(pctx->dev, "No PDP ctx for this MS\n");
319314
return 1;
@@ -562,13 +557,29 @@ static int gtp0_handle_echo_resp(struct gtp_dev *gtp, struct sk_buff *skb)
562557
msg, 0, GTP_GENL_MCGRP, GFP_ATOMIC);
563558
}
564559

560+
static int gtp_proto_to_family(__u16 proto)
561+
{
562+
switch (proto) {
563+
case ETH_P_IP:
564+
return AF_INET;
565+
case ETH_P_IPV6:
566+
return AF_INET6;
567+
default:
568+
WARN_ON_ONCE(1);
569+
break;
570+
}
571+
572+
return AF_UNSPEC;
573+
}
574+
565575
/* 1 means pass up to the stack, -1 means drop and 0 means decapsulated. */
566576
static int gtp0_udp_encap_recv(struct gtp_dev *gtp, struct sk_buff *skb)
567577
{
568578
unsigned int hdrlen = sizeof(struct udphdr) +
569579
sizeof(struct gtp0_header);
570580
struct gtp0_header *gtp0;
571581
struct pdp_ctx *pctx;
582+
__u16 inner_proto;
572583

573584
if (!pskb_may_pull(skb, hdrlen))
574585
return -1;
@@ -591,13 +602,19 @@ static int gtp0_udp_encap_recv(struct gtp_dev *gtp, struct sk_buff *skb)
591602
if (gtp0->type != GTP_TPDU)
592603
return 1;
593604

594-
pctx = gtp0_pdp_find(gtp, be64_to_cpu(gtp0->tid));
605+
if (gtp_inner_proto(skb, hdrlen, &inner_proto) < 0) {
606+
netdev_dbg(gtp->dev, "GTP packet does not encapsulate an IP packet\n");
607+
return -1;
608+
}
609+
610+
pctx = gtp0_pdp_find(gtp, be64_to_cpu(gtp0->tid),
611+
gtp_proto_to_family(inner_proto));
595612
if (!pctx) {
596613
netdev_dbg(gtp->dev, "No PDP ctx to decap skb=%p\n", skb);
597614
return 1;
598615
}
599616

600-
return gtp_rx(pctx, skb, hdrlen, gtp->role);
617+
return gtp_rx(pctx, skb, hdrlen, gtp->role, inner_proto);
601618
}
602619

603620
/* msg_type has to be GTP_ECHO_REQ or GTP_ECHO_RSP */
@@ -768,6 +785,7 @@ static int gtp1u_udp_encap_recv(struct gtp_dev *gtp, struct sk_buff *skb)
768785
sizeof(struct gtp1_header);
769786
struct gtp1_header *gtp1;
770787
struct pdp_ctx *pctx;
788+
__u16 inner_proto;
771789

772790
if (!pskb_may_pull(skb, hdrlen))
773791
return -1;
@@ -803,9 +821,15 @@ static int gtp1u_udp_encap_recv(struct gtp_dev *gtp, struct sk_buff *skb)
803821
if (!pskb_may_pull(skb, hdrlen))
804822
return -1;
805823

824+
if (gtp_inner_proto(skb, hdrlen, &inner_proto) < 0) {
825+
netdev_dbg(gtp->dev, "GTP packet does not encapsulate an IP packet\n");
826+
return -1;
827+
}
828+
806829
gtp1 = (struct gtp1_header *)(skb->data + sizeof(struct udphdr));
807830

808-
pctx = gtp1_pdp_find(gtp, ntohl(gtp1->tid));
831+
pctx = gtp1_pdp_find(gtp, ntohl(gtp1->tid),
832+
gtp_proto_to_family(inner_proto));
809833
if (!pctx) {
810834
netdev_dbg(gtp->dev, "No PDP ctx to decap skb=%p\n", skb);
811835
return 1;
@@ -815,7 +839,7 @@ static int gtp1u_udp_encap_recv(struct gtp_dev *gtp, struct sk_buff *skb)
815839
gtp_parse_exthdrs(skb, &hdrlen) < 0)
816840
return -1;
817841

818-
return gtp_rx(pctx, skb, hdrlen, gtp->role);
842+
return gtp_rx(pctx, skb, hdrlen, gtp->role, inner_proto);
819843
}
820844

821845
static void __gtp_encap_destroy(struct sock *sk)
@@ -1843,10 +1867,12 @@ static struct pdp_ctx *gtp_pdp_add(struct gtp_dev *gtp, struct sock *sk,
18431867
found = true;
18441868
if (version == GTP_V0)
18451869
pctx_tid = gtp0_pdp_find(gtp,
1846-
nla_get_u64(info->attrs[GTPA_TID]));
1870+
nla_get_u64(info->attrs[GTPA_TID]),
1871+
family);
18471872
else if (version == GTP_V1)
18481873
pctx_tid = gtp1_pdp_find(gtp,
1849-
nla_get_u32(info->attrs[GTPA_I_TEI]));
1874+
nla_get_u32(info->attrs[GTPA_I_TEI]),
1875+
family);
18501876
if (pctx_tid)
18511877
found = true;
18521878

@@ -2034,6 +2060,12 @@ static struct pdp_ctx *gtp_find_pdp_by_link(struct net *net,
20342060
struct nlattr *nla[])
20352061
{
20362062
struct gtp_dev *gtp;
2063+
int family;
2064+
2065+
if (nla[GTPA_FAMILY])
2066+
family = nla_get_u8(nla[GTPA_FAMILY]);
2067+
else
2068+
family = AF_INET;
20372069

20382070
gtp = gtp_find_dev(net, nla);
20392071
if (!gtp)
@@ -2042,10 +2074,16 @@ static struct pdp_ctx *gtp_find_pdp_by_link(struct net *net,
20422074
if (nla[GTPA_MS_ADDRESS]) {
20432075
__be32 ip = nla_get_be32(nla[GTPA_MS_ADDRESS]);
20442076

2077+
if (family != AF_INET)
2078+
return ERR_PTR(-EINVAL);
2079+
20452080
return ipv4_pdp_find(gtp, ip);
20462081
} else if (nla[GTPA_MS_ADDR6]) {
20472082
struct in6_addr addr = nla_get_in6_addr(nla[GTPA_MS_ADDR6]);
20482083

2084+
if (family != AF_INET6)
2085+
return ERR_PTR(-EINVAL);
2086+
20492087
if (addr.s6_addr32[2] ||
20502088
addr.s6_addr32[3])
20512089
return ERR_PTR(-EADDRNOTAVAIL);
@@ -2054,10 +2092,13 @@ static struct pdp_ctx *gtp_find_pdp_by_link(struct net *net,
20542092
} else if (nla[GTPA_VERSION]) {
20552093
u32 gtp_version = nla_get_u32(nla[GTPA_VERSION]);
20562094

2057-
if (gtp_version == GTP_V0 && nla[GTPA_TID])
2058-
return gtp0_pdp_find(gtp, nla_get_u64(nla[GTPA_TID]));
2059-
else if (gtp_version == GTP_V1 && nla[GTPA_I_TEI])
2060-
return gtp1_pdp_find(gtp, nla_get_u32(nla[GTPA_I_TEI]));
2095+
if (gtp_version == GTP_V0 && nla[GTPA_TID]) {
2096+
return gtp0_pdp_find(gtp, nla_get_u64(nla[GTPA_TID]),
2097+
family);
2098+
} else if (gtp_version == GTP_V1 && nla[GTPA_I_TEI]) {
2099+
return gtp1_pdp_find(gtp, nla_get_u32(nla[GTPA_I_TEI]),
2100+
family);
2101+
}
20612102
}
20622103

20632104
return ERR_PTR(-EINVAL);

0 commit comments

Comments
 (0)