From patchwork Wed May 5 15:35:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Abeni X-Patchwork-Id: 12240231 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E2522C433ED for ; Wed, 5 May 2021 15:36:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BCA29613C9 for ; Wed, 5 May 2021 15:36:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233524AbhEEPhM (ORCPT ); Wed, 5 May 2021 11:37:12 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:35753 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233451AbhEEPhK (ORCPT ); Wed, 5 May 2021 11:37:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620228973; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=veIe36wt1iFqwVKLfJM7bzNLO9cPjV1Dy1lTkdUQn8A=; b=EfMqQtG6WClq6RpE1W3/WdrLhzSi+pHzvLvrA2bvrultC/aS4M8vOrBt5/LDcVjDjgHiic IsyiNmfgo+htHB9N5DPsx8qaVFBqrYqJs3oxoehACIHmHgfap3BmbKlU5wdKYBtSPcp7Lc l2Mc92ervu1lj1Lg3owFViAQa3tDm3M= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-447-QG2AYR44Mnmea44XsIM-nw-1; Wed, 05 May 2021 11:36:11 -0400 X-MC-Unique: QG2AYR44Mnmea44XsIM-nw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E582310CE780; Wed, 5 May 2021 15:36:09 +0000 (UTC) Received: from gerbillo.redhat.com (ovpn-113-175.ams2.redhat.com [10.36.113.175]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6498D5C1A3; Wed, 5 May 2021 15:36:08 +0000 (UTC) From: Paolo Abeni To: netdev@vger.kernel.org Cc: "David S. Miller" , Jakub Kicinski , Steffen Klassert , Willem de Bruijn , Miaohe Lin Subject: [PATCH net 1/4] net: fix double-free on fraglist GSO skbs Date: Wed, 5 May 2021 17:35:01 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While segmenting a SKB_GSO_FRAGLIST GSO packet, if the destructor callback is available, the skb destructor is invoked on each aggregated packet via skb_release_head_state(). Such field (and the pairer skb->sk) is left untouched, so the same destructor is invoked again when the segmented skbs are freed, leading to double-free/UaF of the relevant socket. The problem is observable since commit c75fb320d482 ("veth: use skb_orphan_partial instead of skb_orphan"), which allowed non orphaned skbs to enter the GRO engine, but the root cause is there since the introduction of GSO fraglist This change addresses the above issue explixitly clearing the segmented skb destructor after the skb_release_head_state() call. Fixes: c75fb320d482 ("veth: use skb_orphan_partial instead of skb_orphan") Fixes: 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.") Signed-off-by: Paolo Abeni --- net/core/skbuff.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 3ad22870298c..75f3e70f8cd5 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -3818,6 +3818,12 @@ struct sk_buff *skb_segment_list(struct sk_buff *skb, skb_release_head_state(nskb); __copy_skb_header(nskb, skb); + /* __copy_skb_header() does not initialize the sk-related fields, + * and skb_release_head_state() already orphaned nskb + */ + nskb->sk = NULL; + nskb->destructor = NULL; + skb_headers_offset_update(nskb, skb_headroom(nskb) - skb_headroom(skb)); skb_copy_from_linear_data_offset(skb, -tnl_hlen, nskb->data - tnl_hlen, From patchwork Wed May 5 15:35:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Abeni X-Patchwork-Id: 12240233 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B81BC43460 for ; Wed, 5 May 2021 15:36:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 746A6613C9 for ; Wed, 5 May 2021 15:36:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233545AbhEEPhP (ORCPT ); Wed, 5 May 2021 11:37:15 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:27589 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233525AbhEEPhM (ORCPT ); Wed, 5 May 2021 11:37:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620228975; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=hgkEObWrhPpU0VWlIFg59d/bFDsmQ4iUBVoNuyOzllY=; b=Ps+Uicae+ArtTTTBlmcnYvUqN8N0ZlmI1NlMSESMtaMlkGPK7J7bEOXr5pUBJiOLlChRDI tx6teUkNUC99AH2/NwPUykCh4JI6oLe7LsiWaV8uDgOqbkiY/z27mCZgMmeQW5kRYEpaer o5JhH99t3QozE0rA+mlRAky7XkErbRM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-104-QvKtzQ0dNSqwtQjUaT4kGA-1; Wed, 05 May 2021 11:36:13 -0400 X-MC-Unique: QvKtzQ0dNSqwtQjUaT4kGA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D0086107ACC7; Wed, 5 May 2021 15:36:11 +0000 (UTC) Received: from gerbillo.redhat.com (ovpn-113-175.ams2.redhat.com [10.36.113.175]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4A7635C1A3; Wed, 5 May 2021 15:36:10 +0000 (UTC) From: Paolo Abeni To: netdev@vger.kernel.org Cc: "David S. Miller" , Jakub Kicinski , Steffen Klassert , Willem de Bruijn , Miaohe Lin Subject: [PATCH net 2/4] udp: fix out-of-bound at segmentation time Date: Wed, 5 May 2021 17:35:02 +0200 Message-Id: <5e72b33838c6f19d770062e736f0517610ada4e7.1620223174.git.pabeni@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org In the following scenario: GRO -> SKB_GSO_FRAGLIST aggregation -> forward -> xmit over UDP tunnel -> segmentation __udp_gso_segment_list() will take place and later skb_udp_tunnel_segment() will try to make the segmented packets outer UDP header checksum via gso_make_checksum(). The latter expect valids SKB_GSO_CB(skb)->csum and SKB_GSO_CB(skb)->csum_start, but such fields are not initialized by __udp_gso_segment_list(). gso_make_checksum() will end-up using a negative offset and that will trigger the following splat: ================================================================== BUG: KASAN: slab-out-of-bounds in do_csum+0x3d8/0x400 Read of size 1 at addr ffff888113ab5880 by task napi/br_port-81/1105 CPU: 1 PID: 1105 Comm: napi/br_port-81 Not tainted 5.12.0-rc2.mptcp_autotune_ce84e1323bebe+ #268 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014 Call Trace: dump_stack+0xfa/0x151 print_address_description.constprop.0+0x16/0xa0 __kasan_report.cold+0x37/0x80 kasan_report+0x3a/0x50 do_csum+0x3d8/0x400 csum_partial+0x21/0x30 __skb_udp_tunnel_segment+0xd79/0x1ae0 skb_udp_tunnel_segment+0x233/0x460 udp4_ufo_fragment+0x50d/0x720 inet_gso_segment+0x525/0x1120 skb_mac_gso_segment+0x278/0x570 __udp_gso_segment_list() already has all the relevant data handy, fix the issue traversing the segments list and updating the GSO CB, if this is a tunnel GSO packet. The issue is present since SKB_GSO_FRAGLIST introduction, but is observable only since commit 18f25dc39990 ("udp: skip L4 aggregation for UDP tunnel packets") Fixes: 18f25dc39990 ("udp: skip L4 aggregation for UDP tunnel packets") Signed-off-by: Paolo Abeni --- net/ipv4/udp_offload.c | 45 +++++++++++++++++++++++++++++------------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/net/ipv4/udp_offload.c b/net/ipv4/udp_offload.c index 54e06b88af69..9f6022ba6bcd 100644 --- a/net/ipv4/udp_offload.c +++ b/net/ipv4/udp_offload.c @@ -214,8 +214,10 @@ static void __udpv4_gso_segment_csum(struct sk_buff *seg, *oldip = *newip; } -static struct sk_buff *__udpv4_gso_segment_list_csum(struct sk_buff *segs) +static void __udp_gso_segment_list_csum(struct sk_buff *segs, bool is_ipv6, + bool is_tunnel) { + bool update_csum = !is_ipv6; struct sk_buff *seg; struct udphdr *uh, *uh2; struct iphdr *iph, *iph2; @@ -224,31 +226,45 @@ static struct sk_buff *__udpv4_gso_segment_list_csum(struct sk_buff *segs) uh = udp_hdr(seg); iph = ip_hdr(seg); - if ((udp_hdr(seg)->dest == udp_hdr(seg->next)->dest) && + if (update_csum && (udp_hdr(seg)->dest == udp_hdr(seg->next)->dest) && (udp_hdr(seg)->source == udp_hdr(seg->next)->source) && (ip_hdr(seg)->daddr == ip_hdr(seg->next)->daddr) && (ip_hdr(seg)->saddr == ip_hdr(seg->next)->saddr)) - return segs; + update_csum = false; + + if (!update_csum && !is_tunnel) + return; + /* this skb is CHECKSUM_NONE, if it has also a tunnel header + * later __skb_udp_tunnel_segment() will try to make the + * outer header csum and will need valid csum* fields + */ + SKB_GSO_CB(seg)->csum = ~uh->check; + SKB_GSO_CB(seg)->csum_start = seg->transport_header; while ((seg = seg->next)) { uh2 = udp_hdr(seg); - iph2 = ip_hdr(seg); - - __udpv4_gso_segment_csum(seg, - &iph2->saddr, &iph->saddr, - &uh2->source, &uh->source); - __udpv4_gso_segment_csum(seg, - &iph2->daddr, &iph->daddr, - &uh2->dest, &uh->dest); - } + if (update_csum) { + iph2 = ip_hdr(seg); + + __udpv4_gso_segment_csum(seg, + &iph2->saddr, &iph->saddr, + &uh2->source, &uh->source); + __udpv4_gso_segment_csum(seg, + &iph2->daddr, &iph->daddr, + &uh2->dest, &uh->dest); + } - return segs; + SKB_GSO_CB(seg)->csum = ~uh2->check; + SKB_GSO_CB(seg)->csum_start = seg->transport_header; + } } static struct sk_buff *__udp_gso_segment_list(struct sk_buff *skb, netdev_features_t features, bool is_ipv6) { + bool is_tunnel = !!(skb_shinfo(skb)->gso_type & + (SKB_GSO_UDP_TUNNEL | SKB_GSO_UDP_TUNNEL_CSUM)); unsigned int mss = skb_shinfo(skb)->gso_size; skb = skb_segment_list(skb, features, skb_mac_header_len(skb)); @@ -257,7 +273,8 @@ static struct sk_buff *__udp_gso_segment_list(struct sk_buff *skb, udp_hdr(skb)->len = htons(sizeof(struct udphdr) + mss); - return is_ipv6 ? skb : __udpv4_gso_segment_list_csum(skb); + __udp_gso_segment_list_csum(skb, is_ipv6, is_tunnel); + return skb; } struct sk_buff *__udp_gso_segment(struct sk_buff *gso_skb, From patchwork Wed May 5 15:35:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Abeni X-Patchwork-Id: 12240235 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F0A12C433ED for ; Wed, 5 May 2021 15:36:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B1861613BE for ; Wed, 5 May 2021 15:36:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233589AbhEEPhQ (ORCPT ); Wed, 5 May 2021 11:37:16 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:45144 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233452AbhEEPhO (ORCPT ); Wed, 5 May 2021 11:37:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620228977; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YvdbRSXKsl8EcPxFehFnLQSd8UpCqfqK+GUz+J8sAXY=; b=fVryZplKwS+5docWhG94YaASvP2LuXxgRvvVozCIhVbKHYR0/hN2djYMOEHw/sK7baRhCO JJj8Cr4xpr2dUapXVQiM4Hw2VTp/ScRgcrFtUw9+IFYcyDXpEJOmQyjDPV2IggRQVTA0/D 9leWRvq0orMRCeIpCEO4R0Cxr5hbL+s= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-157-RbHIzzb1NyW_vZtDVdgy0w-1; Wed, 05 May 2021 11:36:15 -0400 X-MC-Unique: RbHIzzb1NyW_vZtDVdgy0w-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A4CBA107ACCD; Wed, 5 May 2021 15:36:13 +0000 (UTC) Received: from gerbillo.redhat.com (ovpn-113-175.ams2.redhat.com [10.36.113.175]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3305D5C1A3; Wed, 5 May 2021 15:36:12 +0000 (UTC) From: Paolo Abeni To: netdev@vger.kernel.org Cc: "David S. Miller" , Jakub Kicinski , Steffen Klassert , Willem de Bruijn , Miaohe Lin Subject: [PATCH net 3/4] udp: fix outer header csum for SKB_GSO_FRAGLIST over UDP tunnel Date: Wed, 5 May 2021 17:35:03 +0200 Message-Id: <82e982530f74f7b736071f041918c22919b734d8.1620223174.git.pabeni@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org In the following scenario: GRO -> SKB_GSO_FRAGLIST aggregation -> forward -> xmit over UDP tunnel SKB_GSO_FRAGLIST packet traverse an UDP tunnel in the xmit path. The tunnel code sets up the outer header csum via udp_set_csum() and the latter assumes that each GSO packet is CHECKSUM_PARTIAL. Since the introduction of SKB_GSO_FRAGLIST and veth GRO, the above assumption is not true anymore as SKB_GSO_FRAGLIST are CHECKSUM_UNNECESSARY, and the csum for the outer header will be left uninitialized. All the above will cause wrong outer UDP header checksum when the mentioned packet will be xmitted on some real NIC. This change addresses the issue explicitly checking for both gso and CHECKSUM_PARTIAL in udp_set_csum(), so that the mentioned packet will be processed correctly. Fixes: 9fd1ff5d2ac7 ("udp: Support UDP fraglist GRO/GSO.") Signed-off-by: Paolo Abeni --- net/ipv4/udp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 15f5504adf5b..055fceb18bea 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -857,7 +857,7 @@ void udp_set_csum(bool nocheck, struct sk_buff *skb, if (nocheck) { uh->check = 0; - } else if (skb_is_gso(skb)) { + } else if (skb_is_gso(skb) && skb->ip_summed == CHECKSUM_PARTIAL) { uh->check = ~udp_v4_check(len, saddr, daddr, 0); } else if (skb->ip_summed == CHECKSUM_PARTIAL) { uh->check = 0; From patchwork Wed May 5 15:35:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Abeni X-Patchwork-Id: 12240237 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4DF60C433B4 for ; Wed, 5 May 2021 15:36:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 171D8613C4 for ; Wed, 5 May 2021 15:36:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233618AbhEEPhX (ORCPT ); Wed, 5 May 2021 11:37:23 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:40572 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233614AbhEEPhS (ORCPT ); Wed, 5 May 2021 11:37:18 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620228981; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=hkIAZ0STm9IWCnndFp9K2a4ZUXMUkZ2Fdm7l99uqidw=; b=SMk28IlpeMuR3leTxcYioOX5OiGCsPIFentNwhvg6898U6RCVMn/X6PBYujoJsVAQOzLM5 2k3yg5uJiGrgYL+C1D+cTjAC3jBUihwzPbegeJe6Qvv57OkJV8a6dWmLyLJT7tDYC8xbCt U6S3VQab7itmVO2ytZHHBGFjgNsAIWc= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-77-4PoRonAzMV2KD27oUlOOsA-1; Wed, 05 May 2021 11:36:16 -0400 X-MC-Unique: 4PoRonAzMV2KD27oUlOOsA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7A11610CE780; Wed, 5 May 2021 15:36:15 +0000 (UTC) Received: from gerbillo.redhat.com (ovpn-113-175.ams2.redhat.com [10.36.113.175]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0467D5C1A3; Wed, 5 May 2021 15:36:13 +0000 (UTC) From: Paolo Abeni To: netdev@vger.kernel.org Cc: "David S. Miller" , Jakub Kicinski , Steffen Klassert , Willem de Bruijn , Miaohe Lin Subject: [PATCH net 4/4] selftests: more UDP GRO tests Date: Wed, 5 May 2021 17:35:04 +0200 Message-Id: <31746302323edf8282b8c9e80293ca45f1dbbf03.1620223174.git.pabeni@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Introduces explicit scenarios for the issues addressed on the previous patches, and functionally checks the expected aggregation and segmentation. Signed-off-by: Paolo Abeni --- tools/testing/selftests/net/set_sysfs_attr.sh | 15 ++++++ tools/testing/selftests/net/udpgro_fwd.sh | 54 +++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100755 tools/testing/selftests/net/set_sysfs_attr.sh diff --git a/tools/testing/selftests/net/set_sysfs_attr.sh b/tools/testing/selftests/net/set_sysfs_attr.sh new file mode 100755 index 000000000000..fd042a162326 --- /dev/null +++ b/tools/testing/selftests/net/set_sysfs_attr.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 + +if [ $# -lt 2 ]; then + echo -e "syntax:\n$0 []" + exit 0 +fi + +mount -t sysfs /sys 2>/dev/null +if [ $# -lt 3 ]; then + cat /sys/class/net/$1/$2 + exit $? +fi + +echo $3 > /sys/class/net/$1/$2 diff --git a/tools/testing/selftests/net/udpgro_fwd.sh b/tools/testing/selftests/net/udpgro_fwd.sh index a8fa64136282..8569b3f81fd7 100755 --- a/tools/testing/selftests/net/udpgro_fwd.sh +++ b/tools/testing/selftests/net/udpgro_fwd.sh @@ -79,6 +79,16 @@ create_vxlan_pair() { done } +move_address() { + local -r ns=$1 + local -r src_dev=$2 + local -r dst_dev=$3 + local -r addr=$4 + + ip -n $ns addr del dev $src_dev $addr + ip -n $ns addr add dev $dst_dev $addr nodad 2>/dev/null +} + is_ipv6() { if [[ $1 =~ .*:.* ]]; then return 0 @@ -86,6 +96,35 @@ is_ipv6() { return 1 } +create_bridge() { + local vxdev=vxlan$SRC + local src=$1 + local i + + is_ipv6 $src && vxdev=vxlan6$SRC + + create_vxlan_pair + ip -n $NS_SRC link add name br_port type veth peer name br_port_peer + ip -n $NS_SRC link add name br0 type bridge + ip -n $NS_SRC link set dev br0 up + ip -n $NS_SRC link set dev br_port_peer up + ip -n $NS_SRC link set dev br_port up master br0 + ip -n $NS_SRC link set dev $vxdev master br0 + move_address $NS_SRC $vxdev br_port_peer $src/24 + + ip -n $NS_SRC link set br_port xdp object ../bpf/xdp_dummy.o section xdp_dummy 2>/dev/null + ip netns exec $NS_SRC ./set_sysfs_attr.sh br_port threaded 1 + + # slowing down the input path, we will help the napi thread to + # aggregate as much packets as possible via GRO + modprobe br_netfilter 2>/dev/null + ip netns exec $NS_SRC sysctl -qw net.bridge.bridge-nf-call-iptables=1 + ip netns exec $NS_SRC sysctl -qw net.bridge.bridge-nf-call-ip6tables=1 + for i in `seq 1 100`; do + ip netns exec $NS_SRC $IPT -A FORWARD + done +} + run_test() { local -r msg=$1 local -r dst=$2 @@ -228,6 +267,21 @@ for family in 4 6; do run_test "GRO frag list over UDP tunnel" $OL_NET$DST 1 1 cleanup + create_bridge $OL_NET$SRC + ip netns exec $NS_SRC ethtool -K br_port rx-gro-list on + ip netns exec $NS_SRC ethtool -K br_port_peer tx-udp-segmentation off + ip netns exec $NS_DST ethtool -K veth$DST rx-gro-list on + run_test "GRO frag list over UDP tunnel segmentation" $OL_NET$DST 1 1 + cleanup + + create_bridge $OL_NET$SRC + ip netns exec $NS_SRC ethtool -K br_port rx-gro-list on + ip netns exec $NS_SRC ethtool -K br_port_peer tx-udp-segmentation off + ip netns exec $NS_DST ethtool -K veth$DST rx-gro-list on + ip netns exec $NS_SRC ethtool -K veth$SRC tx off + run_test "GRO frag list over UDP tunnel segmentation (tx csum off)" $OL_NET$DST 1 1 + cleanup + # use NAT to circumvent GRO FWD check create_vxlan_pair ip -n $NS_DST addr add dev $VXDEV$DST $OL_NET$DST_NAT/$SUFFIX