On 18/07/2022 18:53, Paul Chaignon wrote:
> Commit 26101f5ab6bd ("bpf: Add source ip in "struct bpf_tunnel_key"")
> added support for getting and setting the outer source IP of encapsulated
> packets via the bpf_skb_{get,set}_tunnel_key BPF helper. This change
> allows BPF programs to set any IP address as the source, including for
> example the IP address of a container running on the same host.
>
> In that last case, however, the encapsulated packets are dropped when
> looking up the route because the source IP address isn't assigned to any
> interface on the host. To avoid this, we need to set the
> FLOWI_FLAG_ANYSRC flag.
>
> Changes in v2:
> - Removed changes to IPv6 code paths as they are unnecessary.
>
> Paul Chaignon (5):
> ip_tunnels: Add new flow flags field to ip_tunnel_key
> vxlan: Use ip_tunnel_key flow flags in route lookups
> geneve: Use ip_tunnel_key flow flags in route lookups
> bpf: Set flow flag to allow any source IP in bpf_tunnel_key
> selftests/bpf: Don't assign outer source IP to host
>
> drivers/net/geneve.c | 1 +
> drivers/net/vxlan/vxlan_core.c | 11 +++++++----
> include/net/ip_tunnels.h | 1 +
> net/core/filter.c | 1 +
> tools/testing/selftests/bpf/prog_tests/test_tunnel.c | 1 -
> 5 files changed, 10 insertions(+), 5 deletions(-)
>
Looks good, for the set:
Reviewed-by: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
