From patchwork Sat Jan 14 03:31:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101802 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 365FAC46467 for ; Sat, 14 Jan 2023 03:31:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230088AbjANDbm (ORCPT ); Fri, 13 Jan 2023 22:31:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229830AbjANDbk (ORCPT ); Fri, 13 Jan 2023 22:31:40 -0500 Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 482AF8B772 for ; Fri, 13 Jan 2023 19:31:39 -0800 (PST) Received: by mail-qt1-x830.google.com with SMTP id y7so2197297qtv.5 for ; Fri, 13 Jan 2023 19:31:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Y0xNdytxS8CDoLqiLtfyZpaU170syQa6Cetm8SyHT2g=; b=l/ZPdTVsatsN83o81h5awCH+ocGFMzDMwEAql6FSBEfPi0Tdm3b+DDDNEc0ZIYo1Xb RSl7ZxtRuGL/fXd9mVrjB/TCcdRdByUUQmfWAGOulvwOf7jyA9gRdrw08cERt3gLU6q7 4cyroyMUKUWrK5Q3KuIlBWu1psHAfJUok6XKM1lQ0z+t5itWjcyjMo2ORtbkHggYbFX7 zUN+DueLmZ6Q1GWLb+/byKR1NoVMI3UE0Q6GJlpU/cUfVlKwFQW0tTDClbYqGi6inldk //RCO0KweJJb+dOGavrsEYSguHo+qKMCWedjPn+53rMv3qE21hHLIzSRxs2aYDOQSQ4a 5BLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Y0xNdytxS8CDoLqiLtfyZpaU170syQa6Cetm8SyHT2g=; b=1C4NOm3BydnsyOLq+vOy1ibRs5YryY5LH5a4AeqlndHGmcm6AtR8jEnRbXWLbQkXQf v6HYmw1d3tLPepV45A4z8wGN9FgAYk5eYUk8OgIBLk+vmidaL0P6xxxBhEy5Z/ZB8Xsr fDD8GoV9+ml5MYL42Qb4RuD2w4NiMrGeKvmVQ8YDgHMLeDJmU74cUvmeD7L+UyzxBb7v cN+LXxyLZVG3h8LgUoUQCPWCve4iCwsRF29fVI6hLwnLtieloTvleSCYekvOR3vMx3ED nqpP/hWkmujVBXnGloZ7wCxE3qCfFrGEN/z0/Vgm/10Mjt0ldRSP2+97f3V3kVQjFazb B6sQ== X-Gm-Message-State: AFqh2kp6MPzXqWMF6w0Mu8bl+ZzQjJmipnPshbtDG/8Owws5K0Vf+M4I DKQu+CH5cHyDagxnYbPtwonhZyXNoqZfnA== X-Google-Smtp-Source: AMrXdXvVSijXq82lbaglMzeLrs6H6dJw4ZLH+qphfWnHSNrovnhEXQpgyYN9CQ2aKBE/MZacifnspw== X-Received: by 2002:a05:622a:8c8:b0:3ae:2272:e430 with SMTP id i8-20020a05622a08c800b003ae2272e430mr30470465qte.14.1673667098091; Fri, 13 Jan 2023 19:31:38 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:37 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 01/10] net: add a couple of helpers for iph tot_len Date: Fri, 13 Jan 2023 22:31:25 -0500 Message-Id: <2cf21684e03a316b453f05c06ce73a262b1897b4.1673666803.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This patch adds three APIs to replace the iph->tot_len setting and getting in all places where IPv4 BIG TCP packets may reach, they will be used in the following patches. Note that iph_totlen() will be used when iph is not in linear data of the skb. Signed-off-by: Xin Long --- include/linux/ip.h | 20 ++++++++++++++++++++ include/net/route.h | 3 --- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/include/linux/ip.h b/include/linux/ip.h index 3d9c6750af62..53a0bf5d3f06 100644 --- a/include/linux/ip.h +++ b/include/linux/ip.h @@ -35,4 +35,24 @@ static inline unsigned int ip_transport_len(const struct sk_buff *skb) { return ntohs(ip_hdr(skb)->tot_len) - skb_network_header_len(skb); } + +static inline unsigned int iph_totlen(const struct sk_buff *skb, const struct iphdr *iph) +{ + return ntohs(iph->tot_len) ?: (skb_is_gso_tcp(skb) ? + skb->len - skb_network_offset(skb) : + 0); +} + +static inline unsigned int skb_ip_totlen(const struct sk_buff *skb) +{ + return iph_totlen(skb, ip_hdr(skb)); +} + +/* IPv4 datagram length is stored into 16bit field (tot_len) */ +#define IP_MAX_MTU 0xFFFFU + +static inline void iph_set_totlen(struct iphdr *iph, unsigned int len) +{ + iph->tot_len = len <= IP_MAX_MTU ? htons(len) : 0; +} #endif /* _LINUX_IP_H */ diff --git a/include/net/route.h b/include/net/route.h index 6e92dd5bcd61..fe00b0a2e475 100644 --- a/include/net/route.h +++ b/include/net/route.h @@ -35,9 +35,6 @@ #include #include -/* IPv4 datagram length is stored into 16bit field (tot_len) */ -#define IP_MAX_MTU 0xFFFFU - #define RTO_ONLINK 0x01 #define RT_CONN_FLAGS(sk) (RT_TOS(inet_sk(sk)->tos) | sock_flag(sk, SOCK_LOCALROUTE)) From patchwork Sat Jan 14 03:31:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101804 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DC1C8C67871 for ; Sat, 14 Jan 2023 03:31:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229482AbjANDbo (ORCPT ); Fri, 13 Jan 2023 22:31:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33028 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229911AbjANDbl (ORCPT ); Fri, 13 Jan 2023 22:31:41 -0500 Received: from mail-qt1-x82e.google.com (mail-qt1-x82e.google.com [IPv6:2607:f8b0:4864:20::82e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 618338B769 for ; Fri, 13 Jan 2023 19:31:40 -0800 (PST) Received: by mail-qt1-x82e.google.com with SMTP id a25so13544430qto.10 for ; Fri, 13 Jan 2023 19:31:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Tl5Hvsf/bhbzo4TjITsPEwXtRmHZPlZaj/ryQGs8Zww=; b=FcbFvrHrry3fMOV7ArGlilPSiV9zoDcUbQHNDXqwByHetT7S7FZ8KilAIVwQpepPeT AJIjSANwZ4L31Cq332AL4bBW++w7zw8pkvzPb5w/2n3fBn0ZWQArBRfstjwI1NIygmYH /KEtJoy+qkYed0C9mSzr9ESZBkGq+wWdK2oGMmSN4JRPohd74eFf0f0LEUw0lgTwZYjg MkwqhMO03ALxH4oVTDYnoon4Yl2/oqCHo30RYODUIJcshatcyYOj+12NfAdePNOHW/9v U3ZuV4DlDhyo5Vh/b45J6K2BC+z+yxfSs0WcSjTTod5m1EEnkJvg8jj44IACMeOUTr+u MIPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Tl5Hvsf/bhbzo4TjITsPEwXtRmHZPlZaj/ryQGs8Zww=; b=5swbBws0MTWuKTqpy6otJVDZfxvUHO0FgX1vzcWZr8icXUQIchXnR8nNPcAFBcyL+x f+LKyN9Z+rO1pD4HoubIO6un2PRW03msnzEfT9Gi4utPd4zFuL5Beew39Fsh2usxhnB4 03Io/3sVeGixm8Chluv6v2T1xyyuNE+5ijLd1sXoOmpTRAJ+hCdmoqG81wGYT5/BK2XQ cgQSi15Nvf06NcWNm1ILNoMID9UfYZ9wL7ZyyxJnnWPxhtGBjpRW/cJPupah5BdnTcVD /zR9mCXdgfCmHILnvNqmeevKQbnDIa0H3H/zkEyoFiggeA7jU02x7MB4Ylcw+BYkJvLR n3CQ== X-Gm-Message-State: AFqh2kq+BrlxZ2Weo34Brilp5+p+i4mPVglMvaNa3qes4ixQ/akEDEY9 DVoc3ByKRunZnxB29PjJ06bN98edxQ0PVA== X-Google-Smtp-Source: AMrXdXvx6Cx9AxDw4ZxuCSqrNbifiy7JDUXd2SWvKP1HOTgsRWug06ctmHlkLNl5+D6hu2DaWK3bjA== X-Received: by 2002:ac8:5e90:0:b0:3a7:ea9b:5627 with SMTP id r16-20020ac85e90000000b003a7ea9b5627mr21899099qtx.13.1673667099360; Fri, 13 Jan 2023 19:31:39 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:39 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 02/10] bridge: use skb_ip_totlen in br netfilter Date: Fri, 13 Jan 2023 22:31:26 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org These 3 places in bridge netfilter are called on RX path after GRO and IPv4 TCP GSO packets may come through, so replace iph tot_len accessing with skb_ip_totlen() in there. Signed-off-by: Xin Long --- net/bridge/br_netfilter_hooks.c | 2 +- net/bridge/netfilter/nf_conntrack_bridge.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index f20f4373ff40..b67c9c98effa 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -214,7 +214,7 @@ static int br_validate_ipv4(struct net *net, struct sk_buff *skb) if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) goto csum_error; - len = ntohs(iph->tot_len); + len = skb_ip_totlen(skb); if (skb->len < len) { __IP_INC_STATS(net, IPSTATS_MIB_INTRUNCATEDPKTS); goto drop; diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 5c5dd437f1c2..71056ee84773 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -212,7 +212,7 @@ static int nf_ct_br_ip_check(const struct sk_buff *skb) iph->version != 4) return -1; - len = ntohs(iph->tot_len); + len = skb_ip_totlen(skb); if (skb->len < nhoff + len || len < (iph->ihl * 4)) return -1; @@ -256,7 +256,7 @@ static unsigned int nf_ct_bridge_pre(void *priv, struct sk_buff *skb, if (!pskb_may_pull(skb, sizeof(struct iphdr))) return NF_ACCEPT; - len = ntohs(ip_hdr(skb)->tot_len); + len = skb_ip_totlen(skb); if (pskb_trim_rcsum(skb, len)) return NF_ACCEPT; From patchwork Sat Jan 14 03:31:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101805 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D4FC0C3DA78 for ; Sat, 14 Jan 2023 03:31:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230038AbjANDbr (ORCPT ); Fri, 13 Jan 2023 22:31:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230192AbjANDbm (ORCPT ); Fri, 13 Jan 2023 22:31:42 -0500 Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3E498B772 for ; Fri, 13 Jan 2023 19:31:41 -0800 (PST) Received: by mail-qt1-x831.google.com with SMTP id a25so13544457qto.10 for ; Fri, 13 Jan 2023 19:31:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hndcFGcKXsUPoSfBcORkIp1PbmWGWJK7GRgLe6RV99s=; b=kkknBSAa4sBQriVuJ3s516KogNx/mlxfizuf7MqT+STFV13JZK0Mh5AYDqmGI/S5iA lM+wuuH7MF5RBTBJGIIpZqfdEeDLrsfhP3tVeuEybdfo4n2uPk2axR15pBFKoGAi4fRW uVQ+NTazYbGt3LqeVv0plBb5OJe0vcfgpdgz93p9G/m9hvJWjyRbD8OwgKC9s0sP7WvB WUTW3z7i6fUKgYiA7FK+UTjejTW1YPYKGlwteB5wNwPKP3AncQsYL4P/DhnqGK3hcwKu 8tyqm0YQbzCllZtKG+XtNqfJMezH9Z9Q+KeJiOLhejULaWxdzRmR/p4YM3ujRBK7k+e5 o+vA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hndcFGcKXsUPoSfBcORkIp1PbmWGWJK7GRgLe6RV99s=; b=URi7pnXRpgdve4lE4NrXemfgKImv6j+5gQGHf2cxGGP4NEirhujjapv+Jsu/GaL0+3 newqaG9QeMCKW9kZ4Lo7loHdallOSbg3+RLxN0RfudLazAbdakmWNBYO1U9f7o1ZSm6y WQK1NCSTgYpr7xoc+23xnc/+qXxNCO8KsCg3n9clb1FzjjwxpNg9ZLPqRkV9Gs1CS3W3 UmyHowFMXLoBJgflkqI3UEZlxKriBh54qy9GEnpUIbwFrT/+oIN99KWTJHjQv5M06dKu DQ5uBorSio+rmsjFVZ+HA1aVRl3emCqZHY+b3XKYUNgToyRtDU/pLyfztz2zO4XVkCd6 0xeg== X-Gm-Message-State: AFqh2komvpEzV/23czk/WljHwJ2Tlax5Kv1KrTjsAJSEvjX05qxNoH3C zFlLeT9V+HYhYD9nuqUjl5OzzeEbX5tOVg== X-Google-Smtp-Source: AMrXdXtl97xpSNXGMGadsqubakPe+i2CafDv0qEmbxSVRKPO6BDgFsdTIDhA6LvfsmwDYVWbnSCexQ== X-Received: by 2002:a05:622a:1b0c:b0:3b1:e55e:5203 with SMTP id bb12-20020a05622a1b0c00b003b1e55e5203mr9674865qtb.27.1673667100640; Fri, 13 Jan 2023 19:31:40 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:40 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 03/10] openvswitch: use skb_ip_totlen in conntrack Date: Fri, 13 Jan 2023 22:31:27 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org IPv4 GSO packets may get processed in ovs_skb_network_trim(), and we need to use skb_ip_totlen() to get iph totlen. Signed-off-by: Xin Long --- net/openvswitch/conntrack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c index c8b137649ca4..2172930b1f17 100644 --- a/net/openvswitch/conntrack.c +++ b/net/openvswitch/conntrack.c @@ -1103,7 +1103,7 @@ static int ovs_skb_network_trim(struct sk_buff *skb) switch (skb->protocol) { case htons(ETH_P_IP): - len = ntohs(ip_hdr(skb)->tot_len); + len = skb_ip_totlen(skb); break; case htons(ETH_P_IPV6): len = sizeof(struct ipv6hdr) From patchwork Sat Jan 14 03:31:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101806 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ABCB2C3DA78 for ; Sat, 14 Jan 2023 03:31:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230391AbjANDby (ORCPT ); Fri, 13 Jan 2023 22:31:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33060 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229854AbjANDbo (ORCPT ); Fri, 13 Jan 2023 22:31:44 -0500 Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [IPv6:2607:f8b0:4864:20::82b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0960A8B753 for ; Fri, 13 Jan 2023 19:31:43 -0800 (PST) Received: by mail-qt1-x82b.google.com with SMTP id bp44so20804581qtb.0 for ; Fri, 13 Jan 2023 19:31:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uV8oKg/2RyjtLIY7E/4LxV+Y00Cwz/EH5dgxKXOqfWQ=; b=owAGItzRr0xbiFqWOitioFdmA5MU+xg4bgwmYefg1m/pFNWqmVyhpOG+LF41RsV6z/ sw804CdhWdX5s8SBQkt5Pf72Ms46cnTxzdhrzbiq6qYEteOY1g8gJy1OopNGh/pxMIOQ Wua/3/lBcfY0mtNdH3ZlKNSxAbnPQmHDuOTcZg3FKK3Yw+YfljIA4UKXITWdeVYhsnAj bY5PN8jeo0zioLgcMSwoNLSzrWd3R4Rr59CTj+6r3cP7Z+zO3ZJzij9UKovT/Xpsmom7 8aKUEFRIjz0aPK5JHQ2W82HJGtAqhPhPkMLntaQFbkTS5d62RAVwUN+VxN8+/qebHQte ZmxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uV8oKg/2RyjtLIY7E/4LxV+Y00Cwz/EH5dgxKXOqfWQ=; b=fZQg2hztlq1d0M0CqQVzMopCj+WilQZg1vBafIbRaIe1b7ysyvLqrp1P/I3JtgApSG xIbtCSEIaVsFPp0qqLjdDa8gSiVz8v1eyWuQ9E7yIGu2JYvnjbDt+dcseG4bKKorZlCR YoUSNT2sjJATsxHfPiOkOPWrPak0rHENMYWEfAHcnrqDCi6RPjnzE5vZinlKzI7lCHX2 RK6BONvCLG9sxnAvABuMIOr9dVDBmSNw25gAqLpX4Sw7LpD3hjM8iUP15ZfIPiGt8QC6 42aWaBcEdXBcx2hACG8mUEbVlnMCb1UZ2Hp1EQ7u/slWpMZTqHPf5xtFz+OzdBlw4RtE dWCg== X-Gm-Message-State: AFqh2kpeTihovGc4vxm6GMu7hEDvFBb4tGMM7ESoKPS6H5rx9af0JEUy mqm246xwBeiGKmb97YZl56CVviXkNsbuHA== X-Google-Smtp-Source: AMrXdXvO3etL3CghVRkEgF8SbQFf/ss5milCk9VGbdT+iTkeu50BrF0NA3h+lUHk2125fwozjHaczQ== X-Received: by 2002:ac8:4514:0:b0:3ab:6b9c:7285 with SMTP id q20-20020ac84514000000b003ab6b9c7285mr108651669qtn.44.1673667102052; Fri, 13 Jan 2023 19:31:42 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:41 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 04/10] net: sched: use skb_ip_totlen and iph_totlen Date: Fri, 13 Jan 2023 22:31:28 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org There are 1 action and 1 qdisc that may process IPv4 TCP GSO packets and access iph->tot_len, replace them with skb_ip_totlen() and iph_totlen() accordingly. Note that we don't need to replace the one in tcf_csum_ipv4(), as it will return for TCP GSO packets in tcf_csum_ipv4_tcp(). Signed-off-by: Xin Long --- net/sched/act_ct.c | 2 +- net/sched/sch_cake.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c index 0ca2bb8ed026..d68bb5dbf0dc 100644 --- a/net/sched/act_ct.c +++ b/net/sched/act_ct.c @@ -707,7 +707,7 @@ static int tcf_ct_skb_network_trim(struct sk_buff *skb, int family) switch (family) { case NFPROTO_IPV4: - len = ntohs(ip_hdr(skb)->tot_len); + len = skb_ip_totlen(skb); break; case NFPROTO_IPV6: len = sizeof(struct ipv6hdr) diff --git a/net/sched/sch_cake.c b/net/sched/sch_cake.c index 3ed0c3342189..7970217b565a 100644 --- a/net/sched/sch_cake.c +++ b/net/sched/sch_cake.c @@ -1209,7 +1209,7 @@ static struct sk_buff *cake_ack_filter(struct cake_sched_data *q, iph_check->daddr != iph->daddr) continue; - seglen = ntohs(iph_check->tot_len) - + seglen = iph_totlen(skb, iph_check) - (4 * iph_check->ihl); } else if (iph_check->version == 6) { ipv6h = (struct ipv6hdr *)iph; From patchwork Sat Jan 14 03:31:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101808 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 98995C3DA78 for ; Sat, 14 Jan 2023 03:32:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231184AbjANDb7 (ORCPT ); Fri, 13 Jan 2023 22:31:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33098 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229911AbjANDbq (ORCPT ); Fri, 13 Jan 2023 22:31:46 -0500 Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5378B8BF26 for ; Fri, 13 Jan 2023 19:31:44 -0800 (PST) Received: by mail-qt1-x82d.google.com with SMTP id d16so7741997qtw.8 for ; Fri, 13 Jan 2023 19:31:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=afll7bLWeOuZyip2GcygUZAanANAFhqpn9H/tM0HPJw=; b=bkHNBF1re4b7DnjM+quBTMM6HwcYZgHT6s5Vsd4BPinZXSi/JCpVSDISDMoQTgssmn 6d6MeXfERGZBI56og1cFnMgdgvMAzEDQAV9e3P1jM65mStadFT3J2dVp9HfT2dvUtLTL tG+60v2TXePQsG2ZA6gU9g2MEJTtn6Yj03SJwp9yTtDy1lKjxKi7oiny6S9hH2LF2gWQ DfjlczUvcMEIhERhkZxNO3zxiQXxQO0eyY5ntVkuxVevZ0itf66bi6v5EXC7IYgoO88N j3qtd6h++BMX5IBC0Iaawb7HGbCXAIAs+FTHyDny6aTberopcrMbdoICFeOoNvyPdbWb QDlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=afll7bLWeOuZyip2GcygUZAanANAFhqpn9H/tM0HPJw=; b=oF582mP/xbbea7lDAKWTK5+PyHZx0ZlU0hKk75jQ1xq4ZuhJ6dqEmoLxbZEKcaTit7 ANSYgsRQVaKWE8lY+L7JhPR4Gl0l0dHBtfN/KGB2pcXS3/J5pMpvh8af6bMh44GJVgSp J1ZKqiZ2a7cSQu4BBHZrN4AzwzQwKi5pxeoeCdIyOVjwkk1nhCEEw702ehnf+QkvW3fx MzvDFuNANbi/da7yVs1r+Y7gEb4Jk2dFy0sIQ/jRAQEx8ijTjrVmK3WNOdPtH+Vz1sm2 o1pwsgyAUoQAeFAGOr8BZ0fbz+TUGQZ83EZhRmPk1FFPGV+I5dhzsHE7A8UtPmp8Vv1w LSoQ== X-Gm-Message-State: AFqh2kq17WMUIKS9ZEbUxDG5izqjpZHMsQnJKAGVsJPIiTzIn1lX61qz eNy6b/owHSvlp/B3KZqIkWG4/BI3JnytkQ== X-Google-Smtp-Source: AMrXdXskYhxkOSWxbMOzv9bCu2tZuYuCM/x3ZE7mwT3sNx+kXRcM6UNUWyJMxmgc0fhG+xv5ZA+mZg== X-Received: by 2002:ac8:75cb:0:b0:3ad:4bc8:52a3 with SMTP id z11-20020ac875cb000000b003ad4bc852a3mr24369024qtq.61.1673667103308; Fri, 13 Jan 2023 19:31:43 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:43 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 05/10] netfilter: use skb_ip_totlen and iph_totlen Date: Fri, 13 Jan 2023 22:31:29 -0500 Message-Id: <63c12978c981b996df9e3d4d2f0051c0e4947830.1673666803.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org There are also quite some places in netfilter that may process IPv4 TCP GSO packets, we need to replace them too. In length_mt(), we have to use u_int32_t/int to accept skb_ip_totlen() return value, otherwise it may overflow and mismatch. This change will also help us add selftest for IPv4 BIG TCP in the following patch. Note that we don't need to replace the one in tcpmss_tg4(), as it will return if there is data after tcphdr in tcpmss_mangle_packet(). The same in mangle_contents() in nf_nat_helper.c, it returns false when skb->len + extra > 65535 in enlarge_skb(). Signed-off-by: Xin Long --- include/net/netfilter/nf_tables_ipv4.h | 4 ++-- net/netfilter/ipvs/ip_vs_xmit.c | 2 +- net/netfilter/nf_log_syslog.c | 2 +- net/netfilter/xt_length.c | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/net/netfilter/nf_tables_ipv4.h b/include/net/netfilter/nf_tables_ipv4.h index 112708f7a6b4..947973623dc7 100644 --- a/include/net/netfilter/nf_tables_ipv4.h +++ b/include/net/netfilter/nf_tables_ipv4.h @@ -29,7 +29,7 @@ static inline int __nft_set_pktinfo_ipv4_validate(struct nft_pktinfo *pkt) if (iph->ihl < 5 || iph->version != 4) return -1; - len = ntohs(iph->tot_len); + len = iph_totlen(pkt->skb, iph); thoff = iph->ihl * 4; if (pkt->skb->len < len) return -1; @@ -64,7 +64,7 @@ static inline int nft_set_pktinfo_ipv4_ingress(struct nft_pktinfo *pkt) if (iph->ihl < 5 || iph->version != 4) goto inhdr_error; - len = ntohs(iph->tot_len); + len = iph_totlen(pkt->skb, iph); thoff = iph->ihl * 4; if (pkt->skb->len < len) { __IP_INC_STATS(nft_net(pkt), IPSTATS_MIB_INTRUNCATEDPKTS); diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c index 029171379884..80448885c3d7 100644 --- a/net/netfilter/ipvs/ip_vs_xmit.c +++ b/net/netfilter/ipvs/ip_vs_xmit.c @@ -994,7 +994,7 @@ ip_vs_prepare_tunneled_skb(struct sk_buff *skb, int skb_af, old_dsfield = ipv4_get_dsfield(old_iph); *ttl = old_iph->ttl; if (payload_len) - *payload_len = ntohs(old_iph->tot_len); + *payload_len = skb_ip_totlen(skb); } /* Implement full-functionality option for ECN encapsulation */ diff --git a/net/netfilter/nf_log_syslog.c b/net/netfilter/nf_log_syslog.c index cb894f0d63e9..c66689ad2b49 100644 --- a/net/netfilter/nf_log_syslog.c +++ b/net/netfilter/nf_log_syslog.c @@ -322,7 +322,7 @@ dump_ipv4_packet(struct net *net, struct nf_log_buf *m, /* Max length: 46 "LEN=65535 TOS=0xFF PREC=0xFF TTL=255 ID=65535 " */ nf_log_buf_add(m, "LEN=%u TOS=0x%02X PREC=0x%02X TTL=%u ID=%u ", - ntohs(ih->tot_len), ih->tos & IPTOS_TOS_MASK, + iph_totlen(skb, ih), ih->tos & IPTOS_TOS_MASK, ih->tos & IPTOS_PREC_MASK, ih->ttl, ntohs(ih->id)); /* Max length: 6 "CE DF MF " */ diff --git a/net/netfilter/xt_length.c b/net/netfilter/xt_length.c index 1873da3a945a..b3d623a52885 100644 --- a/net/netfilter/xt_length.c +++ b/net/netfilter/xt_length.c @@ -21,7 +21,7 @@ static bool length_mt(const struct sk_buff *skb, struct xt_action_param *par) { const struct xt_length_info *info = par->matchinfo; - u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len); + u32 pktlen = skb_ip_totlen(skb); return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; } From patchwork Sat Jan 14 03:31:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101807 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AD800C6379F for ; Sat, 14 Jan 2023 03:31:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229992AbjANDb5 (ORCPT ); Fri, 13 Jan 2023 22:31:57 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33096 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230401AbjANDbq (ORCPT ); Fri, 13 Jan 2023 22:31:46 -0500 Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [IPv6:2607:f8b0:4864:20::82b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 195E58CBD7 for ; Fri, 13 Jan 2023 19:31:45 -0800 (PST) Received: by mail-qt1-x82b.google.com with SMTP id bp44so20804639qtb.0 for ; Fri, 13 Jan 2023 19:31:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MRncoLC16sCZcT7mVpILb/C22ea0oeFd+8wfM8ixo3g=; b=oA+Jub8yHXoclflpjjy+ecn59yRkkOLgcFZ8ctq1qVBBA5dMRJaoyBj40MqY1DSI0o fu8Vz6i/o7RLO4yGy90ixo7uZX2n5E/2RD4Wvt3lv0wMIY0YMxyscOum+/LjDW7sQ/lb KJunNSJ4tHkR4U7BA0B5uVtcUjPCf5eT6PpqdLXcUizAUCqbETcvEkHd2DtTJEYu0tBh gfGGKDzl+opmsMykeiQ2UDJ1RDMXjHk1z+DmtOjcxiQS1qo04kSVeWXmMhzNaABiSwKG dYfSAxj3FVjPPoYS91L8Nng1s8rLA6iwIYLmYRkD/PsVS/82k3cguJjdolYj5Eq+qd5A Iesw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MRncoLC16sCZcT7mVpILb/C22ea0oeFd+8wfM8ixo3g=; b=jL3bbpp/VFAWxhQGJ9l7tz0t2KPx/auf7j3XBGHjlkJoLtxQIWBuG0kbojUq4LOMsb LXinV3L/xpGp8dqtlS2aSOFa/eULjBqDrDHBj4m1I9hru+TIXxHrIYg3KAt6fohtVjxK Gj7s1R+BnwjserYrB9TS42y0k+8OzAjJXbkBCfwkE3BQCSsxj6ocGSVK52GjrOX2liFV HALr4QVEz/tOuHDiqABQFX358ubDR75FK+b8lwfeyW/lPf4e9E9fIFIa9Or65WiV+duH Luac/Jd+fnTGKiWLne9vZtMsx2lIcRQAPTGMA2W5dVlDakd7qlluhTM5QpXjtV5P24aJ CJ2Q== X-Gm-Message-State: AFqh2kp50PoNX6kR4ZzX9BIAiZOHXRmtTQX5IvZK6nm8CVQTtndO/Ta4 DZUSxqpuZUIgzPRqzFiBvBQS72KW2NVfaA== X-Google-Smtp-Source: AMrXdXtHggqVN9FnGDpzXP/QDmGLdCxVq0RfQufcT4MuvDgEkGoErx5gGJBE10nYE5gcMljvICtGug== X-Received: by 2002:a05:622a:a015:b0:3ad:797e:7314 with SMTP id jt21-20020a05622aa01500b003ad797e7314mr26095257qtb.1.1673667104578; Fri, 13 Jan 2023 19:31:44 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:44 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 06/10] cipso_ipv4: use iph_set_totlen in skbuff_setattr Date: Fri, 13 Jan 2023 22:31:30 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org It may process IPv4 TCP GSO packets in cipso_v4_skbuff_setattr(), so the iph->tot_len update should use iph_set_totlen(). Note that for these non GSO packets, the new iph tot_len with extra iph option len added may become greater than 65535, the old process will cast it and set iph->tot_len to it, which is a bug. In theory, iph options shouldn't be added for these big packets in here, a fix may be needed here in the future. For now this patch is only to set iph->tot_len to 0 when it happens. Signed-off-by: Xin Long --- net/ipv4/cipso_ipv4.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index 6cd3b6c559f0..79ae7204e8ed 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -2222,7 +2222,7 @@ int cipso_v4_skbuff_setattr(struct sk_buff *skb, memset((char *)(iph + 1) + buf_len, 0, opt_len - buf_len); if (len_delta != 0) { iph->ihl = 5 + (opt_len >> 2); - iph->tot_len = htons(skb->len); + iph_set_totlen(iph, skb->len); } ip_send_check(iph); From patchwork Sat Jan 14 03:31:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101809 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BFA0FC46467 for ; Sat, 14 Jan 2023 03:32:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231305AbjANDcO (ORCPT ); Fri, 13 Jan 2023 22:32:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33318 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230445AbjANDbx (ORCPT ); Fri, 13 Jan 2023 22:31:53 -0500 Received: from mail-qt1-x82f.google.com (mail-qt1-x82f.google.com [IPv6:2607:f8b0:4864:20::82f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB1EE8CD26 for ; Fri, 13 Jan 2023 19:31:46 -0800 (PST) Received: by mail-qt1-x82f.google.com with SMTP id x7so10601137qtv.13 for ; Fri, 13 Jan 2023 19:31:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HaCBPY9taiJwDw7qkQaAo7rOjDTTF2XX5hJIsC+YZm4=; b=LFrS7zj769EHwdknEtlyFvOpwWfofaoyDyoLqQWkZzR4OCvO8iJ0XtlJ97YO7o2fHI S33qFiMZ4+hpBSn+EwT+ZwZXbV9T2ACQ0Z9rbWJcLXwdQNkjYqYP5jkAHvANM+zzT0Fu /0g8N3woESbsy5oBaH+zOZ9Prk7MCyWqhEnlXsA9PvwsDqZoKaYvWEQTviOb+TefNfL6 NL/7ls39Ds5pX0lmHp4C2hw24C1T7+8DQpMdLC1tpOksevfpBplhv6IRZa56vvh9HyxG MZ3dhEq/uCP9qMwNUHcL47ETqFoeK2E2OwYsROmVfQhk/kmmRXdPVHaKVOFWlRiVhSsR NQfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HaCBPY9taiJwDw7qkQaAo7rOjDTTF2XX5hJIsC+YZm4=; b=NwsDXzbAFvs4OkFD7pZpT7sxeVwXxjrWCdDIlnm+Sq6L1txkjlElJzG1UU77pGb1qs BjN5tBoqNWy6Gv189LBKL96L76Z+H7tN83wQITWO7FH1ldlqIPkBTuRDa5Cxfj5TlQt/ CKOPy9Cfix/021EAx9qnlUA0tgcqGPTRo5VOjsoBxDlWFIHVyV6qTxoJoUqqLedrxCwF nDEAdtnyLlZwOsVQgqbb98zUFoKJqX+2Hl82J4tEGtrL+xPjYIoG6p5GVfvlxCPYyt0i 2eBbRw8rsHG9C3Zr0q2Jjr8Me8zDocDzbwlz3FlqZjJO9ayDlKC4OJJze2cqPYC/z4MK Lq6w== X-Gm-Message-State: AFqh2koun6lMtAPezHsMdoSdqfJT/lsHZbFB4sNQ+HZioApzp3IztU1u hz9+QP9Vk9GGvc+zIHBmLQyEf0QbQXTFiQ== X-Google-Smtp-Source: AMrXdXvxDb5dxWxjpKV9I6CR32xajaRAAxg2/I8rPg0h7JPDgxJieIIofZvjUH84QK+z+xW1G9FNFA== X-Received: by 2002:ac8:5155:0:b0:3ab:c5c5:5f3f with SMTP id h21-20020ac85155000000b003abc5c55f3fmr22403566qtn.64.1673667105798; Fri, 13 Jan 2023 19:31:45 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:45 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 07/10] ipvlan: use skb_ip_totlen in ipvlan_get_L3_hdr Date: Fri, 13 Jan 2023 22:31:31 -0500 Message-Id: <4c928020ac456799782101ff90a402054db8fe6e.1673666803.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org ipvlan devices calls netif_inherit_tso_max() to get the tso_max_size/segs from the lower device, so when lower device supports BIG TCP, the ipvlan devices support it too. We also should consider its iph tot_len accessing. Signed-off-by: Xin Long --- drivers/net/ipvlan/ipvlan_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ipvlan/ipvlan_core.c b/drivers/net/ipvlan/ipvlan_core.c index bb1c298c1e78..460b3d4f2245 100644 --- a/drivers/net/ipvlan/ipvlan_core.c +++ b/drivers/net/ipvlan/ipvlan_core.c @@ -157,7 +157,7 @@ void *ipvlan_get_L3_hdr(struct ipvl_port *port, struct sk_buff *skb, int *type) return NULL; ip4h = ip_hdr(skb); - pktlen = ntohs(ip4h->tot_len); + pktlen = skb_ip_totlen(skb); if (ip4h->ihl < 5 || ip4h->version != 4) return NULL; if (skb->len < pktlen || pktlen < (ip4h->ihl * 4)) From patchwork Sat Jan 14 03:31:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101810 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F608C3DA78 for ; Sat, 14 Jan 2023 03:32:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231365AbjANDcQ (ORCPT ); Fri, 13 Jan 2023 22:32:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33396 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230324AbjANDb6 (ORCPT ); Fri, 13 Jan 2023 22:31:58 -0500 Received: from mail-qt1-x833.google.com (mail-qt1-x833.google.com [IPv6:2607:f8b0:4864:20::833]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 21F0F8D3B2 for ; Fri, 13 Jan 2023 19:31:48 -0800 (PST) Received: by mail-qt1-x833.google.com with SMTP id s5so16243942qtx.6 for ; Fri, 13 Jan 2023 19:31:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=g25VrYNhgWPcNaigv0uqQ4+TsAmwRXVlaxYNX2jHt3I=; b=PRFcr16QkS0MM0XdBH/RUCWffgSTLhuh07E3Zjl2tmHjerDvxsg4pMB5GLXpe/Zr08 1XN8vC/y81TJmtelzg8wc+pMywYI1NnKDTplUoxyigxdIvi0MbCPAYSGYr29Ke55xAsa D6hxGyq1MJ1uCUhHjn27We8/JGyENH99TblL/tYzX0VpjAojubq+yFkT880iPYF5n/4x S4b3NQq3T2HN7sDtr34tvOdPjScXMfXM7lOUZahgr2yy8keivG+s1qMTiSfqXzVLM35b InxoLcDhjkePixg9beHnRiwcslmL3gqpD0ixCVyh3pFn2xFVR8EoN4CtHeDoWRni0XwP ShmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=g25VrYNhgWPcNaigv0uqQ4+TsAmwRXVlaxYNX2jHt3I=; b=FIzu/6zJUN+qF+5sBPtfKnsOxglzE2DBTR19RCdgLsGh1aYxeIveqKXrPLdrAR/6R2 5ypWZYwa1hIdnKPldVmCx7QhAru/iMmm8cpYZ6IYfTfMKGIynQ+RNRkMg2V9qTmRC9QY +NahBoMBDhBIm07mS7XRfSAMsQTNpisP+mQeM++CX1mb2Gucy9ZyrF79U5DCOM1Xz+18 c1ypJl5Ifnw6vHXdWaQEYjfos3bV8uN15Y/3hiSyA1a6qUSdD9zp9MEyioGZcEkAmuWe qQFb5U35o9EEms6ClL+aqxmTcb568pQC6IKN8AWa6sjykMAXNzlGK9QsgTLUuF8ejv0Z PDuQ== X-Gm-Message-State: AFqh2kqpBjAArjG6fG0iq//CJTxVq8LoaXXdhd/WGxJLLQY/GUdfNNxC p4i2/JHR8UbOypQVC8lmnhGFEs74OfvNYQ== X-Google-Smtp-Source: AMrXdXsRSwUorb6F2ugQoCN6jPI2kz/FsdDd5B61L+7GAojYJue+xAOPJqnTGe9kJnszVfYx0PPfZA== X-Received: by 2002:a05:622a:1e88:b0:3ac:c2b8:18 with SMTP id bz8-20020a05622a1e8800b003acc2b80018mr38326478qtb.19.1673667107052; Fri, 13 Jan 2023 19:31:47 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:46 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 08/10] net: add support for ipv4 big tcp Date: Fri, 13 Jan 2023 22:31:32 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Similar to Eric's IPv6 BIG TCP, this patch is to enable IPv4 BIG TCP. Firstly, allow sk->sk_gso_max_size to be set to a value greater than GSO_LEGACY_MAX_SIZE by not trimming gso_max_size in sk_trim_gso_size() for IPv4 TCP sockets. Then on TX path, set IP header tot_len to 0 when skb->len > IP_MAX_MTU in __ip_local_out() to allow to send BIG TCP packets, and this implies that skb->len is the length of a IPv4 packet; On RX path, use skb->len as the length of the IPv4 packet when the IP header tot_len is 0 and skb->len > IP_MAX_MTU in ip_rcv_core(). As the API iph_set_totlen() and skb_ip_totlen() are used in __ip_local_out() and ip_rcv_core(), we only need to update these APIs. Also in GRO receive, add the check for ETH_P_IP/IPPROTO_TCP, and allows the merged packet size >= GRO_LEGACY_MAX_SIZE in skb_gro_receive(). In GRO complete, set IP header tot_len to 0 when the merged packet size greater than IP_MAX_MTU in iph_set_totlen() so that it can be processed on RX path. Note that by checking skb_is_gso_tcp() in API iph_totlen(), it makes this implementation safe to use iph->len == 0 indicates IPv4 BIG TCP packets. Signed-off-by: Xin Long --- net/core/gro.c | 6 +++--- net/core/sock.c | 11 ++--------- net/ipv4/af_inet.c | 7 ++++--- net/ipv4/ip_input.c | 2 +- net/ipv4/ip_output.c | 2 +- 5 files changed, 11 insertions(+), 17 deletions(-) diff --git a/net/core/gro.c b/net/core/gro.c index 506f83d715f8..82656dc787f2 100644 --- a/net/core/gro.c +++ b/net/core/gro.c @@ -169,9 +169,9 @@ int skb_gro_receive(struct sk_buff *p, struct sk_buff *skb) return -E2BIG; if (unlikely(p->len + len >= GRO_LEGACY_MAX_SIZE)) { - if (p->protocol != htons(ETH_P_IPV6) || - skb_headroom(p) < sizeof(struct hop_jumbo_hdr) || - ipv6_hdr(p)->nexthdr != IPPROTO_TCP || + if (NAPI_GRO_CB(skb)->proto != IPPROTO_TCP || + (p->protocol == htons(ETH_P_IPV6) && + skb_headroom(p) < sizeof(struct hop_jumbo_hdr)) || p->encapsulation) return -E2BIG; } diff --git a/net/core/sock.c b/net/core/sock.c index f954d5893e79..554aa09fe504 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -2375,15 +2375,8 @@ EXPORT_SYMBOL_GPL(sk_free_unlock_clone); static void sk_trim_gso_size(struct sock *sk) { - if (sk->sk_gso_max_size <= GSO_LEGACY_MAX_SIZE) - return; -#if IS_ENABLED(CONFIG_IPV6) - if (sk->sk_family == AF_INET6 && - sk_is_tcp(sk) && - !ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr)) - return; -#endif - sk->sk_gso_max_size = GSO_LEGACY_MAX_SIZE; + if (sk->sk_gso_max_size > GSO_LEGACY_MAX_SIZE && !sk_is_tcp(sk)) + sk->sk_gso_max_size = GSO_LEGACY_MAX_SIZE; } void sk_setup_caps(struct sock *sk, struct dst_entry *dst) diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 6c0ec2789943..2f992a323b95 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -1485,6 +1485,7 @@ struct sk_buff *inet_gro_receive(struct list_head *head, struct sk_buff *skb) if (unlikely(ip_fast_csum((u8 *)iph, 5))) goto out; + NAPI_GRO_CB(skb)->proto = proto; id = ntohl(*(__be32 *)&iph->id); flush = (u16)((ntohl(*(__be32 *)iph) ^ skb_gro_len(skb)) | (id & ~IP_DF)); id >>= 16; @@ -1618,9 +1619,9 @@ int inet_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) int inet_gro_complete(struct sk_buff *skb, int nhoff) { - __be16 newlen = htons(skb->len - nhoff); struct iphdr *iph = (struct iphdr *)(skb->data + nhoff); const struct net_offload *ops; + __be16 totlen = iph->tot_len; int proto = iph->protocol; int err = -ENOSYS; @@ -1629,8 +1630,8 @@ int inet_gro_complete(struct sk_buff *skb, int nhoff) skb_set_inner_network_header(skb, nhoff); } - csum_replace2(&iph->check, iph->tot_len, newlen); - iph->tot_len = newlen; + iph_set_totlen(iph, skb->len - nhoff); + csum_replace2(&iph->check, totlen, iph->tot_len); ops = rcu_dereference(inet_offloads[proto]); if (WARN_ON(!ops || !ops->callbacks.gro_complete)) diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c index e880ce77322a..0aa8c49b4e1b 100644 --- a/net/ipv4/ip_input.c +++ b/net/ipv4/ip_input.c @@ -511,7 +511,7 @@ static struct sk_buff *ip_rcv_core(struct sk_buff *skb, struct net *net) if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) goto csum_error; - len = ntohs(iph->tot_len); + len = skb_ip_totlen(skb); if (skb->len < len) { drop_reason = SKB_DROP_REASON_PKT_TOO_SMALL; __IP_INC_STATS(net, IPSTATS_MIB_INTRUNCATEDPKTS); diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index 922c87ef1ab5..4e4e308c3230 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -100,7 +100,7 @@ int __ip_local_out(struct net *net, struct sock *sk, struct sk_buff *skb) { struct iphdr *iph = ip_hdr(skb); - iph->tot_len = htons(skb->len); + iph_set_totlen(iph, skb->len); ip_send_check(iph); /* if egress device is enslaved to an L3 master device pass the From patchwork Sat Jan 14 03:31:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101811 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B886C3DA78 for ; Sat, 14 Jan 2023 03:32:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230432AbjANDcS (ORCPT ); Fri, 13 Jan 2023 22:32:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33674 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230192AbjANDcL (ORCPT ); Fri, 13 Jan 2023 22:32:11 -0500 Received: from mail-qt1-x82f.google.com (mail-qt1-x82f.google.com [IPv6:2607:f8b0:4864:20::82f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 655368F8CB for ; Fri, 13 Jan 2023 19:31:49 -0800 (PST) Received: by mail-qt1-x82f.google.com with SMTP id fd15so10755448qtb.9 for ; Fri, 13 Jan 2023 19:31:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=o/UeqT4DY2zDY3VtP4bF5KQAgTN1r5Nv8/OY6W808rs=; b=PQv3TkD/mZtx1fDtgj9bqeNbA84WB2YOjYgo8j+uKImfNEhVXN1QA4aoybffEPfGTL jIM/RzruhjUr4DOaoaOVlOrm5jDJii8e+qyH5Fqg0ueD9y0BnH8TVLjglPXxTTRACQo6 /5zA0rvgN0qWVPuAY2Ca5dc9WTrN+AO1pNbgWK7IDr/vJWFyGBszSiiwUNipW+B5m3/4 mqpGYZxpASzro3wutvPDZUJPKUY/SDv6P056rKCU/1uYewC3g95pzoYmL0ukItZm4T4F 7ihdtPwC6LeDF36rOuu725cxOXN6yY8dolvKMRXgExta3ai5ZX1lc+D+B0fBgD5Vm34B VFrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=o/UeqT4DY2zDY3VtP4bF5KQAgTN1r5Nv8/OY6W808rs=; b=S6VS0HFtrHFmE+rOEz/sY42GoBkpAXzS9AXbIMdeM7+VL9krJpRQAx8mmkAamO/zyO vFZ9mIcxMa8xhs7jj+SUuzLI+SRPpAYO0PFWtmDsrg3sGF2vuPpnlY+YTDnUkcOKSh+V f0l0V+oHWxm4hEPQ77p3padQpjiLdrrhjQl6Sa2byf69vfsw0rvdGn/90GE57LZxsMNN RrfKusZE/cxaeJv9PMiY5s626X6pUH6yHdpniL/1LT4Idt2gsTFfsgttaaaoDqqyn+r3 lyqzkB2UEkdVXrVhHGM6vhMd+AjH9FDSLgEQ627gDqvtISfd98pLfQcXiH+ffOYdTU4N EwQA== X-Gm-Message-State: AFqh2kozxnVB4OjvTsA1aBDOjmej9IoNeTImwfC7nHkFWNqgXonuxIDW SE771d2J82vhcyU5g1WHKApnMxMDwQ4q7g== X-Google-Smtp-Source: AMrXdXsXm1zOxlYkDu2Su1Hog3IJZ5s/d3VX8MMucsnqXDwnaPmccbufXBj/vgCQHeYCgdkmewtBUw== X-Received: by 2002:a05:622a:514:b0:3ab:d187:9e7 with SMTP id l20-20020a05622a051400b003abd18709e7mr62642655qtx.44.1673667108350; Fri, 13 Jan 2023 19:31:48 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:48 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 09/10] netfilter: get ipv6 pktlen properly in length_mt6 Date: Fri, 13 Jan 2023 22:31:33 -0500 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org For IPv6 jumbogram packets, the packet size is bigger than 65535, it's not right to get it from payload_len and save it to an u16 variable. This patch only fixes it for IPv6 BIG TCP packets, so instead of parsing IPV6_TLV_JUMBO exthdr, which is quite some work, it only gets the pktlen via 'skb->len - skb_network_offset(skb)' when skb_is_gso_v6() and saves it to an u32 variable, similar to IPv4 BIG TCP packets. This fix will also help us add selftest for IPv6 BIG TCP in the following patch. Signed-off-by: Xin Long --- include/linux/ipv6.h | 9 +++++++++ net/netfilter/xt_length.c | 3 +-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index 37dfdcfcdd54..b8edd6c599eb 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -175,6 +175,15 @@ static inline bool inet6_is_jumbogram(const struct sk_buff *skb) return !!(IP6CB(skb)->flags & IP6SKB_JUMBOGRAM); } +static inline unsigned int skb_ipv6_totlen(const struct sk_buff *skb) +{ + u32 pl = ntohs(ipv6_hdr(skb)->payload_len); + + return pl ? pl + sizeof(struct ipv6hdr) + : (skb_is_gso_v6(skb) ? skb->len - skb_network_offset(skb) + : pl + sizeof(struct ipv6hdr)); +} + /* can not be used in TCP layer after tcp_v6_fill_cb */ static inline int inet6_sdif(const struct sk_buff *skb) { diff --git a/net/netfilter/xt_length.c b/net/netfilter/xt_length.c index b3d623a52885..61518ec05c6e 100644 --- a/net/netfilter/xt_length.c +++ b/net/netfilter/xt_length.c @@ -30,8 +30,7 @@ static bool length_mt6(const struct sk_buff *skb, struct xt_action_param *par) { const struct xt_length_info *info = par->matchinfo; - const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) + - sizeof(struct ipv6hdr); + u32 pktlen = skb_ipv6_totlen(skb); return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; } From patchwork Sat Jan 14 03:31:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 13101812 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F3F2DC3DA78 for ; Sat, 14 Jan 2023 03:32:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231395AbjANDcV (ORCPT ); Fri, 13 Jan 2023 22:32:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231221AbjANDcN (ORCPT ); Fri, 13 Jan 2023 22:32:13 -0500 Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20FC08F8C7 for ; Fri, 13 Jan 2023 19:31:50 -0800 (PST) Received: by mail-qt1-x82d.google.com with SMTP id j15so15210014qtv.4 for ; Fri, 13 Jan 2023 19:31:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pceTx6YjdeO5XmqQ2hzuXWH5UEF819hY/vaBFICoTs8=; b=MK/dH5QsryvW8YEVPsA78lzcfMpTdEuLzTHdsDNoPNhkMHC1TNAHotf3a6RH+T6Uvs uuRTMq1kj3r/MiHEkBphyPDuohdSewoMwJT7qu76ZZxtiSIAqIVuNzqoumSrbHA7L7qD sNRtTCLHHY6ZV3Tt5ra2p+Ty8NxkXm1tFU961XVsPyD6OeilyKRYcSxASpEcIwaeFI0x MvkKfj/1UXLJMOovyOKV3JMhvPzE+uZG89hB08Lbbu5qrLejJc/ciI1c/efShIt2QzzY 0jku/T85oH/D9PbqkmQoWk93L8uQ10JLT/d3s7sIIWmyjqEngDjBNbjbtFDvWzLSaHKl uc6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pceTx6YjdeO5XmqQ2hzuXWH5UEF819hY/vaBFICoTs8=; b=O/UEgXa3U/o1o9pmWr5WZ7gVGnO/UFqQ1ss6dmZzLJntNBcQaDh7Ox5BNwV3mind3Y MRwqAn0XVkNbaz1c+PNp2fSlTyuTen2B7wwHcDQODDWqrKKblGfo1Pd9Q4qru0238dmP hJhb9fn0FMtusqeIJaCQPik6P++X4Qow5h+E3D/1WDGNvqzmpeQ9Uh4sS/aKsEkZiSXw jj0r4NUfMox6AoV92nYl6X0HvRtG9d2JM/qJO/+YFAMXqnCBBIgiqvWJRLRrDcGYiirJ fqS393w1M2iym/d/o3+VAv2xCSnmhzcvxX0R31O3mvyr6/Pbjsw8As01VHAaRbOuo05V YNLg== X-Gm-Message-State: AFqh2kqSFCH/IU9TKQiDBXmcLioYMPfHP19qv9LfFDD3UUVeUbSSg9Du 5Ljg4eYlv1W8FRoV0qJCOoFXadjqC+SEcA== X-Google-Smtp-Source: AMrXdXucdJBmLwkRKzgQavphXTtbBW/AJRPglsWGbqrpsPxa3W8Gy0ts/Hxv5QbHAJ9Nm+9VQubnNA== X-Received: by 2002:ac8:794d:0:b0:3ab:72ec:de9c with SMTP id r13-20020ac8794d000000b003ab72ecde9cmr105066520qtt.62.1673667109827; Fri, 13 Jan 2023 19:31:49 -0800 (PST) Received: from wsfd-netdev15.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id jt14-20020a05622aa00e00b003adc7f652a0sm7878846qtb.66.2023.01.13.19.31.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Jan 2023 19:31:49 -0800 (PST) From: Xin Long To: network dev Cc: davem@davemloft.net, kuba@kernel.org, Eric Dumazet , Paolo Abeni , David Ahern , Hideaki YOSHIFUJI , Pravin B Shelar , Jamal Hadi Salim , Cong Wang , Jiri Pirko , Pablo Neira Ayuso , Florian Westphal , Marcelo Ricardo Leitner , Ilya Maximets , Aaron Conole , Roopa Prabhu , Nikolay Aleksandrov , Mahesh Bandewar , Paul Moore , Guillaume Nault Subject: [PATCH net-next 10/10] selftests: add a selftest for big tcp Date: Fri, 13 Jan 2023 22:31:34 -0500 Message-Id: <70913b5f4087c8ab7675093ce9a04c4e53325c96.1673666803.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This test runs on the client-router-server topo, and monitors the traffic on the RX devices of router and server while sending BIG TCP packets with netperf from client to server. Meanwhile, it changes 'tso' on the TX devs and 'gro' on the RX devs. Then it checks if any BIG TCP packets appears on the RX devs with 'ip/ip6tables -m length ! --length 0:65535' for each case. Signed-off-by: Xin Long --- tools/testing/selftests/net/Makefile | 1 + tools/testing/selftests/net/big_tcp.sh | 157 +++++++++++++++++++++++++ 2 files changed, 158 insertions(+) create mode 100755 tools/testing/selftests/net/big_tcp.sh diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index 3007e98a6d64..e7ff63df5fcc 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -75,6 +75,7 @@ TEST_GEN_PROGS += so_incoming_cpu TEST_PROGS += sctp_vrf.sh TEST_GEN_FILES += sctp_hello TEST_GEN_FILES += csum +TEST_PROGS += big_tcp.sh TEST_FILES := settings diff --git a/tools/testing/selftests/net/big_tcp.sh b/tools/testing/selftests/net/big_tcp.sh new file mode 100755 index 000000000000..7d0f0549ce59 --- /dev/null +++ b/tools/testing/selftests/net/big_tcp.sh @@ -0,0 +1,157 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Testing For IPv4 and IPv6 BIG TCP. +# TOPO: CLIENT_NS (link0)<--->(link1) ROUTER_NS (link2)<--->(link3) SERVER_NS + +CLIENT_NS=$(mktemp -u client-XXXXXXXX) +CLIENT_IP4="198.51.100.1" +CLIENT_IP6="2001:db8:1::1" + +SERVER_NS=$(mktemp -u client-XXXXXXXX) +SERVER_IP4="203.0.113.1" +SERVER_IP6="2001:db8:2::1" + +ROUTER_NS=$(mktemp -u router-XXXXXXXX) +SERVER_GW4="203.0.113.2" +CLIENT_GW4="198.51.100.2" +SERVER_GW6="2001:db8:2::2" +CLIENT_GW6="2001:db8:1::2" + +MAX_SIZE=128000 +CHK_SIZE=65535 + +# Kselftest framework requirement - SKIP code is 4. +ksft_skip=4 + +setup() { + ip netns add $CLIENT_NS + ip netns add $SERVER_NS + ip netns add $ROUTER_NS + ip -net $ROUTER_NS link add link1 type veth peer name link0 netns $CLIENT_NS + ip -net $ROUTER_NS link add link2 type veth peer name link3 netns $SERVER_NS + + ip -net $CLIENT_NS link set link0 up + ip -net $CLIENT_NS link set link0 mtu 1442 + ip -net $CLIENT_NS addr add $CLIENT_IP4/24 dev link0 + ip -net $CLIENT_NS addr add $CLIENT_IP6/64 dev link0 nodad + ip -net $CLIENT_NS route add $SERVER_IP4 dev link0 via $CLIENT_GW4 + ip -net $CLIENT_NS route add $SERVER_IP6 dev link0 via $CLIENT_GW6 + ip -net $CLIENT_NS link set dev link0 gro_max_size $MAX_SIZE gso_max_size $MAX_SIZE + ip net exec $CLIENT_NS sysctl -wq net.ipv4.tcp_window_scaling=10 + + ip -net $ROUTER_NS link set link1 up + ip -net $ROUTER_NS link set link2 up + ip -net $ROUTER_NS addr add $CLIENT_GW4/24 dev link1 + ip -net $ROUTER_NS addr add $CLIENT_GW6/64 dev link1 nodad + ip -net $ROUTER_NS addr add $SERVER_GW4/24 dev link2 + ip -net $ROUTER_NS addr add $SERVER_GW6/64 dev link2 nodad + ip -net $ROUTER_NS link set dev link1 gro_max_size $MAX_SIZE gso_max_size $MAX_SIZE + ip -net $ROUTER_NS link set dev link2 gro_max_size $MAX_SIZE gso_max_size $MAX_SIZE + ip net exec $ROUTER_NS sysctl -wq net.ipv4.ip_forward=1 + ip net exec $ROUTER_NS sysctl -wq net.ipv6.conf.all.forwarding=1 + + ip -net $SERVER_NS link set link3 up + ip -net $SERVER_NS addr add $SERVER_IP4/24 dev link3 + ip -net $SERVER_NS addr add $SERVER_IP6/64 dev link3 nodad + ip -net $SERVER_NS route add $CLIENT_IP4 dev link3 via $SERVER_GW4 + ip -net $SERVER_NS route add $CLIENT_IP6 dev link3 via $SERVER_GW6 + ip -net $SERVER_NS link set dev link3 gro_max_size $MAX_SIZE gso_max_size $MAX_SIZE + ip net exec $SERVER_NS sysctl -wq net.ipv4.tcp_window_scaling=10 + ip net exec $SERVER_NS netserver 2>&1 >/dev/null +} + +cleanup() { + ip net exec $SERVER_NS pkill netserver + ip -net $ROUTER_NS link del link1 + ip -net $ROUTER_NS link del link2 + ip netns del "$CLIENT_NS" + ip netns del "$SERVER_NS" + ip netns del "$ROUTER_NS" +} + +start_counter() { + local ipt="iptables" + local iface=$1 + local netns=$2 + + [ "$NF" = "6" ] && ipt="ip6tables" + ip net exec $netns $ipt -t raw -A PREROUTING -i $iface \ + -m length ! --length 0:$CHK_SIZE -j ACCEPT +} + +check_counter() { + local ipt="iptables" + local iface=$1 + local netns=$2 + + [ "$NF" = "6" ] && ipt="ip6tables" + test `ip net exec $netns $ipt -t raw -L -v |grep $iface | awk '{print $1}'` != "0" +} + +stop_counter() { + local ipt="iptables" + local iface=$1 + local netns=$2 + + [ "$NF" = "6" ] && ipt="ip6tables" + ip net exec $netns $ipt -t raw -D PREROUTING -i $iface \ + -m length ! --length 0:$CHK_SIZE -j ACCEPT +} + +do_netperf() { + local serip=$SERVER_IP4 + local netns=$1 + + [ "$NF" = "6" ] && serip=$SERVER_IP6 + ip net exec $netns netperf -$NF -t TCP_STREAM -H $serip 2>&1 >/dev/null +} + +do_test() { + local cli_tso=$1 + local gw_gro=$2 + local gw_tso=$3 + local ser_gro=$4 + local ret="PASS" + + ip net exec $CLIENT_NS ethtool -K link0 tso $cli_tso + ip net exec $ROUTER_NS ethtool -K link1 gro $gw_gro + ip net exec $ROUTER_NS ethtool -K link2 tso $gw_tso + ip net exec $SERVER_NS ethtool -K link3 gro $ser_gro + + start_counter link1 $ROUTER_NS + start_counter link3 $SERVER_NS + do_netperf $CLIENT_NS + + if check_counter link1 $ROUTER_NS; then + check_counter link3 $SERVER_NS || ret="FAIL_on_link3" + else + ret="FAIL_on_link1" + fi + + stop_counter link1 $ROUTER_NS + stop_counter link3 $SERVER_NS + printf "%-9s %-8s %-8s %-8s: [%s]\n" \ + $cli_tso $gw_gro $gw_tso $ser_gro $ret + test $ret = "PASS" +} + +testup() { + echo "CLI GSO | GW GRO | GW GSO | SER GRO" && \ + do_test "on" "on" "on" "on" && \ + do_test "on" "off" "on" "off" && \ + do_test "off" "on" "on" "on" && \ + do_test "on" "on" "off" "on" && \ + do_test "off" "on" "off" "on" +} + +if ! netperf -V &> /dev/null; then + echo "SKIP: Could not run test without netperf tool" + exit $ksft_skip +fi + +trap cleanup EXIT +setup && echo "Testing for BIG TCP:" && \ +NF=4 testup && echo "***v4 Tests Done***" && \ +NF=6 testup && echo "***v6 Tests Done***" +exit $?