This change enforces the IP ID verification on outer headers. As a result
if the DF flag is not set on the outer header we will force the flow to be
flushed in the event that the IP ID is out of sequence with the existing
flow.
Signed-off-by: Alexander Duyck <adu...@mirantis.com>
---
drivers/net/geneve.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
index bc5da357e16d..f4b89b73517e 100644
--- a/drivers/net/geneve.c
+++ b/drivers/net/geneve.c
@@ -462,8 +462,6 @@ static struct sk_buff **geneve_gro_receive(struct sk_buff
**head,
goto out;
}
- flush = 0;
-
for (p = *head; p; p = p->next) {
if (!NAPI_GRO_CB(p)->same_flow)
continue;
@@ -474,20 +472,23 @@ static struct sk_buff **geneve_gro_receive(struct sk_buff
**head,
NAPI_GRO_CB(p)->same_flow = 0;
continue;
}
+
+ /* Include the IP ID check from the outer IP hdr */
+ NAPI_GRO_CB(p)->flush |= NAPI_GRO_CB(p)->flush_id;
}
type = gh->proto_type;
rcu_read_lock();
ptype = gro_find_receive_by_type(type);
- if (!ptype) {
- flush = 1;
+ if (!ptype)
goto out_unlock;
- }
skb_gro_pull(skb, gh_len);
skb_gro_postpull_rcsum(skb, gh, gh_len);
+
pp = ptype->callbacks.gro_receive(head, skb);
+ flush = 0;
out_unlock:
rcu_read_unlock();
