[PATCH net] net/tunnel: set inner protocol in network gro hooks

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net] net/tunnel: set inner protocol in network gro hooks
@ 2017-03-07 17:33 Paolo Abeni
  2017-03-07 18:15 ` Alexander Duyck
  2017-03-09 21:20 ` David Miller
  0 siblings, 2 replies; 3+ messages in thread
From: Paolo Abeni @ 2017-03-07 17:33 UTC (permalink / raw)
  To: netdev; +Cc: David S. Miller, Alexander Duyck, Tom Herbert

The gso code of several tunnels type (gre and udp tunnels)
takes for granted that the skb->inner_protocol is properly
initialized and drops the packet elsewhere.

On the forwarding path no one is initializing such field,
so gro encapsulated packets are dropped on forward.

Since commit 38720352412a ("gre: Use inner_proto to obtain
inner header protocol"), this can be reproduced when the
encapsulated packets use gre as the tunneling protocol.

The issue happens also with vxlan and geneve tunnels since
commit 8bce6d7d0d1e ("udp: Generalize skb_udp_segment"), if the
forwarding host's ingress nic has h/w offload for such tunnel
and a vxlan/geneve device is configured on top of it, regardless
of the configured peer address and vni.

To address the issue, this change initialize the inner_protocol
field for encapsulated packets in both ipv4 and ipv6 gro complete
callbacks.

Fixes: 38720352412a ("gre: Use inner_proto to obtain inner header protocol")
Fixes: 8bce6d7d0d1e ("udp: Generalize skb_udp_segment")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
 net/ipv4/af_inet.c     | 4 +++-
 net/ipv6/ip6_offload.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 602d40f..5091f46 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1487,8 +1487,10 @@ int inet_gro_complete(struct sk_buff *skb, int nhoff)
 	int proto = iph->protocol;
 	int err = -ENOSYS;

-	if (skb->encapsulation)
+	if (skb->encapsulation) {
+		skb_set_inner_protocol(skb, cpu_to_be16(ETH_P_IP));
 		skb_set_inner_network_header(skb, nhoff);
+	}

 	csum_replace2(&iph->check, iph->tot_len, newlen);
 	iph->tot_len = newlen;
diff --git a/net/ipv6/ip6_offload.c b/net/ipv6/ip6_offload.c
index 0838e6d..93e58a5 100644
--- a/net/ipv6/ip6_offload.c
+++ b/net/ipv6/ip6_offload.c
@@ -294,8 +294,10 @@ static int ipv6_gro_complete(struct sk_buff *skb, int nhoff)
 	struct ipv6hdr *iph = (struct ipv6hdr *)(skb->data + nhoff);
 	int err = -ENOSYS;

-	if (skb->encapsulation)
+	if (skb->encapsulation) {
+		skb_set_inner_protocol(skb, cpu_to_be16(ETH_P_IPV6));
 		skb_set_inner_network_header(skb, nhoff);
+	}

 	iph->payload_len = htons(skb->len - nhoff - sizeof(*iph));

-- 
2.9.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH net] net/tunnel: set inner protocol in network gro hooks
  2017-03-07 17:33 [PATCH net] net/tunnel: set inner protocol in network gro hooks Paolo Abeni
@ 2017-03-07 18:15 ` Alexander Duyck
  2017-03-09 21:20 ` David Miller
  1 sibling, 0 replies; 3+ messages in thread
From: Alexander Duyck @ 2017-03-07 18:15 UTC (permalink / raw)
  To: Paolo Abeni; +Cc: Netdev, David S. Miller, Tom Herbert

On Tue, Mar 7, 2017 at 9:33 AM, Paolo Abeni <pabeni@redhat.com> wrote:
> The gso code of several tunnels type (gre and udp tunnels)
> takes for granted that the skb->inner_protocol is properly
> initialized and drops the packet elsewhere.
>
> On the forwarding path no one is initializing such field,
> so gro encapsulated packets are dropped on forward.
>
> Since commit 38720352412a ("gre: Use inner_proto to obtain
> inner header protocol"), this can be reproduced when the
> encapsulated packets use gre as the tunneling protocol.
>
> The issue happens also with vxlan and geneve tunnels since
> commit 8bce6d7d0d1e ("udp: Generalize skb_udp_segment"), if the
> forwarding host's ingress nic has h/w offload for such tunnel
> and a vxlan/geneve device is configured on top of it, regardless
> of the configured peer address and vni.
>
> To address the issue, this change initialize the inner_protocol
> field for encapsulated packets in both ipv4 and ipv6 gro complete
> callbacks.
>
> Fixes: 38720352412a ("gre: Use inner_proto to obtain inner header protocol")
> Fixes: 8bce6d7d0d1e ("udp: Generalize skb_udp_segment")
> Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Looks good to me.

Acked-by: Alexander Duyck <alexander.h.duyck@intel.com>

> ---
>  net/ipv4/af_inet.c     | 4 +++-
>  net/ipv6/ip6_offload.c | 4 +++-
>  2 files changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
> index 602d40f..5091f46 100644
> --- a/net/ipv4/af_inet.c
> +++ b/net/ipv4/af_inet.c
> @@ -1487,8 +1487,10 @@ int inet_gro_complete(struct sk_buff *skb, int nhoff)
>         int proto = iph->protocol;
>         int err = -ENOSYS;
>
> -       if (skb->encapsulation)
> +       if (skb->encapsulation) {
> +               skb_set_inner_protocol(skb, cpu_to_be16(ETH_P_IP));
>                 skb_set_inner_network_header(skb, nhoff);
> +       }
>
>         csum_replace2(&iph->check, iph->tot_len, newlen);
>         iph->tot_len = newlen;
> diff --git a/net/ipv6/ip6_offload.c b/net/ipv6/ip6_offload.c
> index 0838e6d..93e58a5 100644
> --- a/net/ipv6/ip6_offload.c
> +++ b/net/ipv6/ip6_offload.c
> @@ -294,8 +294,10 @@ static int ipv6_gro_complete(struct sk_buff *skb, int nhoff)
>         struct ipv6hdr *iph = (struct ipv6hdr *)(skb->data + nhoff);
>         int err = -ENOSYS;
>
> -       if (skb->encapsulation)
> +       if (skb->encapsulation) {
> +               skb_set_inner_protocol(skb, cpu_to_be16(ETH_P_IPV6));
>                 skb_set_inner_network_header(skb, nhoff);
> +       }
>
>         iph->payload_len = htons(skb->len - nhoff - sizeof(*iph));
>
> --
> 2.9.3
>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH net] net/tunnel: set inner protocol in network gro hooks
  2017-03-07 17:33 [PATCH net] net/tunnel: set inner protocol in network gro hooks Paolo Abeni
  2017-03-07 18:15 ` Alexander Duyck
@ 2017-03-09 21:20 ` David Miller
  1 sibling, 0 replies; 3+ messages in thread
From: David Miller @ 2017-03-09 21:20 UTC (permalink / raw)
  To: pabeni; +Cc: netdev, alexander.duyck, tom

From: Paolo Abeni <pabeni@redhat.com>
Date: Tue,  7 Mar 2017 18:33:31 +0100

> The gso code of several tunnels type (gre and udp tunnels)
> takes for granted that the skb->inner_protocol is properly
> initialized and drops the packet elsewhere.
> 
> On the forwarding path no one is initializing such field,
> so gro encapsulated packets are dropped on forward.
> 
> Since commit 38720352412a ("gre: Use inner_proto to obtain
> inner header protocol"), this can be reproduced when the
> encapsulated packets use gre as the tunneling protocol.
> 
> The issue happens also with vxlan and geneve tunnels since
> commit 8bce6d7d0d1e ("udp: Generalize skb_udp_segment"), if the
> forwarding host's ingress nic has h/w offload for such tunnel
> and a vxlan/geneve device is configured on top of it, regardless
> of the configured peer address and vni.
> 
> To address the issue, this change initialize the inner_protocol
> field for encapsulated packets in both ipv4 and ipv6 gro complete
> callbacks.
> 
> Fixes: 38720352412a ("gre: Use inner_proto to obtain inner header protocol")
> Fixes: 8bce6d7d0d1e ("udp: Generalize skb_udp_segment")
> Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Applied and queued up for -stable.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-03-09 21:20 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-03-07 17:33 [PATCH net] net/tunnel: set inner protocol in network gro hooks Paolo Abeni
2017-03-07 18:15 ` Alexander Duyck
2017-03-09 21:20 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).