[PATCH net 0/3] ip_gre, ip6_gre: o_seqno fixes

[Peilin Ye <yepeilin.cs@gmail.com>]

From: Peilin Ye <peilin.ye@bytedance.com>

Hi all,

As pointed out [1] by Jakub Kicinski, currently using TUNNEL_SEQ in
collect_md mode is racy for [IP6]GRE[TAP] devices, since they (typically,
e.g. if created using "ip") use lockless TX.

Patch [3/3] fixes it by making o_seqno atomic_t.

As mentioned by Eric Dumazet in commit b790e01aee74 ("ip_gre: lockless
xmit"), making o_seqno atomic_t increases "chance for packets being out
of order at receiver" when using lockless TX.

Another way to fix it would be: users must specify "external" and "oseq"
at the same time if they want the kernel to allow using TUNNEL_SEQ (e.g.
via eBPF) in collect_md mode, but that would break userspace.

I found another issue while reading the code: patches [1,2/3] make o_seqno
start from 0 in native mode, as described in RFC 2890 [2] section 2.2.:
"The first datagram is sent with a sequence number of 0."

Now we could make [IP6]GRE[TAP] (and probably [IP6]ERSPAN ?) devices
completely NETIF_F_LLTX, but that's out of scope of this fix and will be
sent as separate [net-next] patches.

[1] https://lore.kernel.org/netdev/20220415191133.0597a79a@kernel.org/
[2] https://datatracker.ietf.org/doc/html/rfc2890#section-2.2

Thanks,
Peilin Ye (3):
  ip_gre: Make o_seqno start from 0 in native mode
  ip6_gre: Make o_seqno start from 0 in native mode
  ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode

 include/net/ip6_tunnel.h |  2 +-
 include/net/ip_tunnels.h |  2 +-
 net/ipv4/ip_gre.c        | 12 +++++-------
 net/ipv6/ip6_gre.c       | 16 ++++++++--------
 4 files changed, 15 insertions(+), 17 deletions(-)

-- 
2.20.1