[Devel] [PATCH RHEL9 COMMIT] ve/net/gre: Disable ERSPAN support in ip_gre module
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Jan 25 19:49:13 MSK 2023
The commit is pushed to "branch-rh9-5.14.0-162.6.1.vz9.18.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-162.6.1.vz9.18.6
------>
commit 7f237b6252db4ab4809e75e3d7282948db1c2b94
Author: Nikolay Borisov <nikolay.borisov at virtuozzo.com>
Date: Tue Jan 24 09:46:01 2023 +0200
ve/net/gre: Disable ERSPAN support in ip_gre module
Fix GRE support in Containers by disabling Encapsulated Remote Switched
Port Analyzer (ERSPAN), this is needed as the newly added ERSPAN support
isn't enabled for per-Container operation.
Furthermore this is a Cisco-specific protocol supported on some Catalyst
switches, used for traffic mirroring.
https://jira.sw.ru/browse/PSBM-144221
Signed-off-by: Nikolay Borisov <nikolay.borisov at virtuozzo.com>
---
net/ipv4/ip_gre.c | 33 +++++++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 21f8cd379aca..c35f2031c1f5 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -1099,6 +1099,7 @@ static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[],
return ipgre_tunnel_validate(tb, data, extack);
}
+#ifndef CONFIG_VE
static int erspan_validate(struct nlattr *tb[], struct nlattr *data[],
struct netlink_ext_ack *extack)
{
@@ -1138,6 +1139,7 @@ static int erspan_validate(struct nlattr *tb[], struct nlattr *data[],
return 0;
}
+#endif
static int ipgre_netlink_parms(struct net_device *dev,
struct nlattr *data[],
@@ -1206,6 +1208,7 @@ static int ipgre_netlink_parms(struct net_device *dev,
return 0;
}
+#ifndef CONFIG_VE
static int erspan_netlink_parms(struct net_device *dev,
struct nlattr *data[],
struct nlattr *tb[],
@@ -1249,6 +1252,7 @@ static int erspan_netlink_parms(struct net_device *dev,
return 0;
}
+#endif
/* This function returns true when ENCAP attributes are present in the nl msg */
static bool ipgre_netlink_encap_parms(struct nlattr *data[],
@@ -1387,6 +1391,7 @@ static int ipgre_newlink(struct net *src_net, struct net_device *dev,
return ip_tunnel_newlink(dev, tb, &p, fwmark);
}
+#ifndef CONFIG_VE
static int erspan_newlink(struct net *src_net, struct net_device *dev,
struct nlattr *tb[], struct nlattr *data[],
struct netlink_ext_ack *extack)
@@ -1404,6 +1409,7 @@ static int erspan_newlink(struct net *src_net, struct net_device *dev,
return err;
return ip_tunnel_newlink(dev, tb, &p, fwmark);
}
+#endif
static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
struct nlattr *data[],
@@ -1434,6 +1440,7 @@ static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
return 0;
}
+#ifndef CONFIG_VE
static int erspan_changelink(struct net_device *dev, struct nlattr *tb[],
struct nlattr *data[],
struct netlink_ext_ack *extack)
@@ -1460,6 +1467,7 @@ static int erspan_changelink(struct net_device *dev, struct nlattr *tb[],
return 0;
}
+#endif
static size_t ipgre_get_size(const struct net_device *dev)
{
@@ -1573,6 +1581,7 @@ static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
return -EMSGSIZE;
}
+#ifndef CONFIG_VE
static void erspan_setup(struct net_device *dev)
{
struct ip_tunnel *t = netdev_priv(dev);
@@ -1585,6 +1594,7 @@ static void erspan_setup(struct net_device *dev)
ip_tunnel_setup(dev, erspan_net_id);
t->erspan_ver = 1;
}
+#endif
static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
[IFLA_GRE_LINK] = { .type = NLA_U32 },
@@ -1640,6 +1650,7 @@ static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
.get_link_net = ip_tunnel_get_link_net,
};
+#ifndef CONFIG_VE
static struct rtnl_link_ops erspan_link_ops __read_mostly = {
.kind = "erspan",
.maxtype = IFLA_GRE_MAX,
@@ -1654,6 +1665,7 @@ static struct rtnl_link_ops erspan_link_ops __read_mostly = {
.fill_info = ipgre_fill_info,
.get_link_net = ip_tunnel_get_link_net,
};
+#endif
struct net_device *gretap_fb_dev_create(struct net *net, const char *name,
u8 name_assign_type)
@@ -1723,6 +1735,7 @@ static struct pernet_operations ipgre_tap_net_ops = {
.size = sizeof(struct ip_tunnel_net),
};
+#ifndef CONFIG_VE
static int __net_init erspan_init_net(struct net *net)
{
return ip_tunnel_init_net(net, erspan_net_id,
@@ -1740,6 +1753,7 @@ static struct pernet_operations erspan_net_ops = {
.id = &erspan_net_id,
.size = sizeof(struct ip_tunnel_net),
};
+#endif
static int __init ipgre_init(void)
{
@@ -1754,11 +1768,11 @@ static int __init ipgre_init(void)
err = register_pernet_device(&ipgre_tap_net_ops);
if (err < 0)
goto pnet_tap_failed;
-
+#ifndef CONFIG_VE
err = register_pernet_device(&erspan_net_ops);
if (err < 0)
goto pnet_erspan_failed;
-
+#endif
err = gre_add_protocol(&ipgre_protocol, GREPROTO_CISCO);
if (err < 0) {
pr_info("%s: can't add protocol\n", __func__);
@@ -1772,22 +1786,27 @@ static int __init ipgre_init(void)
err = rtnl_link_register(&ipgre_tap_ops);
if (err < 0)
goto tap_ops_failed;
-
+#ifndef CONFIG_VE
err = rtnl_link_register(&erspan_link_ops);
if (err < 0)
goto erspan_link_failed;
+#endif
return 0;
+#ifndef CONFIG_VE
erspan_link_failed:
+#endif
rtnl_link_unregister(&ipgre_tap_ops);
tap_ops_failed:
rtnl_link_unregister(&ipgre_link_ops);
rtnl_link_failed:
gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
add_proto_failed:
+#ifndef CONFIG_VE
unregister_pernet_device(&erspan_net_ops);
pnet_erspan_failed:
+#endif
unregister_pernet_device(&ipgre_tap_net_ops);
pnet_tap_failed:
unregister_pernet_device(&ipgre_net_ops);
@@ -1798,11 +1817,15 @@ static void __exit ipgre_fini(void)
{
rtnl_link_unregister(&ipgre_tap_ops);
rtnl_link_unregister(&ipgre_link_ops);
+#ifndef CONFIG_VE
rtnl_link_unregister(&erspan_link_ops);
+#endif
gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
unregister_pernet_device(&ipgre_tap_net_ops);
unregister_pernet_device(&ipgre_net_ops);
+#ifndef CONFIG_VE
unregister_pernet_device(&erspan_net_ops);
+#endif
}
module_init(ipgre_init);
@@ -1810,7 +1833,9 @@ module_exit(ipgre_fini);
MODULE_LICENSE("GPL");
MODULE_ALIAS_RTNL_LINK("gre");
MODULE_ALIAS_RTNL_LINK("gretap");
+#ifndef CONFIG_VE
MODULE_ALIAS_RTNL_LINK("erspan");
+MODULE_ALIAS_NETDEV("erspan0");
+#endif
MODULE_ALIAS_NETDEV("gre0");
MODULE_ALIAS_NETDEV("gretap0");
-MODULE_ALIAS_NETDEV("erspan0");
More information about the Devel
mailing list