bpf: don't use bpf_redirect_neigh() from overlay programs

Yusuke chased down a kernel bug [0] that causes memory leaks when
bpf_redirect_neigh() is called from bpf_overlay.

As work-around we can opt-out from using the helper, and going down the
fallback path in the callers (eg treating it like a call from XDP context).

[0]: https://lore.kernel.org/netdev/20251003073418.291171-1-daniel@iogearbox.net/T/#u
Reported-by: Yusuke Suzuki <yusuke.suzuki@isovalent.com>
Signed-off-by: Julian Wiedmann <jwi@isovalent.com>

Author: julianwiedmann

bpf/lib/overloadable_skb.h

@@ -153,6 +153,12 @@ redirect_self(const struct __sk_buff *ctx)
 static __always_inline __maybe_unused bool
 neigh_resolver_available(void)
 {
+	/* Work around for
+	 * https://lore.kernel.org/netdev/20251003073418.291171-1-daniel@iogearbox.net
+	 */
+	if (is_defined(IS_BPF_OVERLAY))
+		return false;
+
 	return true;
 }
 

bpf/tests/overlay.c

@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+/* Copyright Authors of Cilium */
+
+#include <bpf/ctx/skb.h>
+#include "common.h"
+
+#include "bpf_overlay.c"
+
+CHECK("tc", "overlay_neigh_resolver")
+int overlay_neigh_resolver(__maybe_unused struct __sk_buff *ctx)
+{
+	test_init();
+
+	/* Due to https://lore.kernel.org/netdev/20251003073418.291171-1-daniel@iogearbox.net
+	 * we shouldn't use bpf_redirect_neigh() from overlay programs.
+	 */
+	TEST("no_neigh_resolver_on_overlay", {
+		assert(!neigh_resolver_available());
+	});
+
+	test_finish();
+}

bpf/tests/tc_egressgw_redirect_from_overlay_with_egress_interface.c

@@ -53,8 +53,8 @@ static __always_inline __maybe_unused long
 mock_fib_lookup(void *ctx __maybe_unused, struct bpf_fib_lookup *params __maybe_unused,
 		int plen __maybe_unused, __u32 flags __maybe_unused)
 {
-	/* Should not need a FIB lookup, we provide the EGRESS_IFINDEX */
-	return -1;
+	params->ifindex = IFACE_IFINDEX;
+	return 0;
 }
 
 /* Test that a packet matching an egress gateway policy on the from-overlay program