On Thu, Nov 05, 2020 at 11:30:35PM -0800, Martin KaFai Lau wrote:
> [ ... ]
>
> > @@ -585,12 +571,11 @@ int _ipip6_set_tunnel(struct __sk_buff *skb)
> > struct bpf_tunnel_key key = {};
> > void *data = (void *)(long)skb->data;
> > struct iphdr *iph = data;
> v4 hdr here.
Ah, right, I didn't notice this. I will fix it, maybe by checking
skb->family and use different IPv4,v6 hdr.
> > -SEC("ip6ip6_set_tunnel")
> > -int _ip6ip6_set_tunnel(struct __sk_buff *skb)
> > -{
> > - struct bpf_tunnel_key key = {};
> > - void *data = (void *)(long)skb->data;
> > - struct ipv6hdr *iph = data;
> IIUC, the patch is to replace _ip6ip6_set_tunnel with _ipip6_set_tunnel.
>
> Are they testing the same thing? At least, _ip6ip6_set_tunnel()
> is expecting a v6 hdr here.
Yes, the v4/v6 hdr here is just to check the data length.
>
> > - struct tcphdr *tcp = data + sizeof(*iph);
> > - void *data_end = (void *)(long)skb->data_end;
> > - int ret;
> > -
> > - /* single length check */
> > - if (data + sizeof(*iph) + sizeof(*tcp) > data_end) {
> > - ERROR(1);
> > - return TC_ACT_SHOT;
> > - }
^^ here
> > -
> > - key.remote_ipv6[0] = bpf_htonl(0x2401db00);
> > - key.tunnel_ttl = 64;
The code logic is same. It set tunnel remote addr to dst IPv6 address, as
they are both testing IP(v4 or v6) over IPv6 tunnel.
Thanks
Hangbin
