* [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4
@ 2023-07-13 17:28 Yan Zhai
2023-07-13 17:38 ` Willem de Bruijn
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Yan Zhai @ 2023-07-13 17:28 UTC (permalink / raw)
To: open list:NETWORKING [TCP]
Cc: kernel-team, Eric Dumazet, David S. Miller, David Ahern,
Jakub Kicinski, Paolo Abeni, Marcelo Ricardo Leitner, Xin Long,
Herbert Xu, Andrew Melnychenko, Jason Wang, Willem de Bruijn,
open list, open list:SCTP PROTOCOL
Commit 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4
packets.") checks DODGY bit for UDP, but for packets that can be fed
directly to the device after gso_segs reset, it actually falls through
to fragmentation:
https://lore.kernel.org/all/CAJPywTKDdjtwkLVUW6LRA2FU912qcDmQOQGt2WaDo28KzYDg+A@mail.gmail.com/
This change restores the expected behavior of GSO_UDP_L4 packets.
Fixes: 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4 packets.")
Suggested-by: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
Signed-off-by: Yan Zhai <yan@cloudflare.com>
---
v2: dropped modifications to tcp/sctp on DODGY bit removal after
validating gso_segs. Also moved the UDP header check into
__udp_gso_segment (per Willem's suggestion).
---
net/ipv4/udp_offload.c | 16 +++++++++++-----
net/ipv6/udp_offload.c | 3 +--
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/net/ipv4/udp_offload.c b/net/ipv4/udp_offload.c
index 75aa4de5b731..f402946da344 100644
--- a/net/ipv4/udp_offload.c
+++ b/net/ipv4/udp_offload.c
@@ -274,13 +274,20 @@ struct sk_buff *__udp_gso_segment(struct sk_buff *gso_skb,
__sum16 check;
__be16 newlen;
- if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
- return __udp_gso_segment_list(gso_skb, features, is_ipv6);
-
mss = skb_shinfo(gso_skb)->gso_size;
if (gso_skb->len <= sizeof(*uh) + mss)
return ERR_PTR(-EINVAL);
+ if (skb_gso_ok(gso_skb, features | NETIF_F_GSO_ROBUST)) {
+ /* Packet is from an untrusted source, reset gso_segs. */
+ skb_shinfo(gso_skb)->gso_segs = DIV_ROUND_UP(gso_skb->len - sizeof(*uh),
+ mss);
+ return NULL;
+ }
+
+ if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
+ return __udp_gso_segment_list(gso_skb, features, is_ipv6);
+
skb_pull(gso_skb, sizeof(*uh));
/* clear destructor to avoid skb_segment assigning it to tail */
@@ -388,8 +395,7 @@ static struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb,
if (!pskb_may_pull(skb, sizeof(struct udphdr)))
goto out;
- if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4 &&
- !skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
+ if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4)
return __udp_gso_segment(skb, features, false);
mss = skb_shinfo(skb)->gso_size;
diff --git a/net/ipv6/udp_offload.c b/net/ipv6/udp_offload.c
index ad3b8726873e..09fa7a42cb93 100644
--- a/net/ipv6/udp_offload.c
+++ b/net/ipv6/udp_offload.c
@@ -43,8 +43,7 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb,
if (!pskb_may_pull(skb, sizeof(struct udphdr)))
goto out;
- if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4 &&
- !skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
+ if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4)
return __udp_gso_segment(skb, features, true);
mss = skb_shinfo(skb)->gso_size;
--
2.30.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4
2023-07-13 17:28 [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4 Yan Zhai
@ 2023-07-13 17:38 ` Willem de Bruijn
2023-07-14 4:27 ` Yan Zhai
2023-07-14 3:58 ` Jason Wang
2023-07-14 9:30 ` patchwork-bot+netdevbpf
2 siblings, 1 reply; 5+ messages in thread
From: Willem de Bruijn @ 2023-07-13 17:38 UTC (permalink / raw)
To: Yan Zhai
Cc: open list:NETWORKING [TCP], kernel-team, Eric Dumazet,
David S. Miller, David Ahern, Jakub Kicinski, Paolo Abeni,
Marcelo Ricardo Leitner, Xin Long, Herbert Xu, Andrew Melnychenko,
Jason Wang, open list, open list:SCTP PROTOCOL
On Thu, Jul 13, 2023 at 1:28 PM Yan Zhai <yan@cloudflare.com> wrote:
>
> Commit 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4
> packets.") checks DODGY bit for UDP, but for packets that can be fed
> directly to the device after gso_segs reset, it actually falls through
> to fragmentation:
>
> https://lore.kernel.org/all/CAJPywTKDdjtwkLVUW6LRA2FU912qcDmQOQGt2WaDo28KzYDg+A@mail.gmail.com/
>
> This change restores the expected behavior of GSO_UDP_L4 packets.
>
> Fixes: 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4 packets.")
> Suggested-by: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
> Signed-off-by: Yan Zhai <yan@cloudflare.com>
Reviewed-by: Willem de Bruijn <willemb@google.com>
for next time: places hyperlinks in the block of tags at the bottom of
the commit as "Link: ${URL}"
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4
2023-07-13 17:28 [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4 Yan Zhai
2023-07-13 17:38 ` Willem de Bruijn
@ 2023-07-14 3:58 ` Jason Wang
2023-07-14 9:30 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 5+ messages in thread
From: Jason Wang @ 2023-07-14 3:58 UTC (permalink / raw)
To: Yan Zhai
Cc: open list:NETWORKING [TCP], kernel-team, Eric Dumazet,
David S. Miller, David Ahern, Jakub Kicinski, Paolo Abeni,
Marcelo Ricardo Leitner, Xin Long, Herbert Xu, Andrew Melnychenko,
Willem de Bruijn, open list, open list:SCTP PROTOCOL
On Fri, Jul 14, 2023 at 1:28 AM Yan Zhai <yan@cloudflare.com> wrote:
>
> Commit 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4
> packets.") checks DODGY bit for UDP, but for packets that can be fed
> directly to the device after gso_segs reset, it actually falls through
> to fragmentation:
>
> https://lore.kernel.org/all/CAJPywTKDdjtwkLVUW6LRA2FU912qcDmQOQGt2WaDo28KzYDg+A@mail.gmail.com/
>
> This change restores the expected behavior of GSO_UDP_L4 packets.
>
> Fixes: 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4 packets.")
> Suggested-by: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
> Signed-off-by: Yan Zhai <yan@cloudflare.com>
>
> ---
> v2: dropped modifications to tcp/sctp on DODGY bit removal after
> validating gso_segs. Also moved the UDP header check into
> __udp_gso_segment (per Willem's suggestion).
>
Acked-by: Jason Wang <jasowang@redhat.com>
Thanks
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4
2023-07-13 17:38 ` Willem de Bruijn
@ 2023-07-14 4:27 ` Yan Zhai
0 siblings, 0 replies; 5+ messages in thread
From: Yan Zhai @ 2023-07-14 4:27 UTC (permalink / raw)
To: Willem de Bruijn
Cc: open list:NETWORKING [TCP], kernel-team, Eric Dumazet,
David S. Miller, David Ahern, Jakub Kicinski, Paolo Abeni,
Marcelo Ricardo Leitner, Xin Long, Herbert Xu, Andrew Melnychenko,
Jason Wang, open list, open list:SCTP PROTOCOL
On Thu, Jul 13, 2023 at 12:38 PM Willem de Bruijn
<willemdebruijn.kernel@gmail.com> wrote:
>
> On Thu, Jul 13, 2023 at 1:28 PM Yan Zhai <yan@cloudflare.com> wrote:
> >
> > Commit 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4
> > packets.") checks DODGY bit for UDP, but for packets that can be fed
> > directly to the device after gso_segs reset, it actually falls through
> > to fragmentation:
> >
> > https://lore.kernel.org/all/CAJPywTKDdjtwkLVUW6LRA2FU912qcDmQOQGt2WaDo28KzYDg+A@mail.gmail.com/
> >
> > This change restores the expected behavior of GSO_UDP_L4 packets.
> >
> > Fixes: 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4 packets.")
> > Suggested-by: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
> > Signed-off-by: Yan Zhai <yan@cloudflare.com>
>
> Reviewed-by: Willem de Bruijn <willemb@google.com>
>
> for next time: places hyperlinks in the block of tags at the bottom of
> the commit as "Link: ${URL}"
Good to learn, thanks!
--
Yan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4
2023-07-13 17:28 [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4 Yan Zhai
2023-07-13 17:38 ` Willem de Bruijn
2023-07-14 3:58 ` Jason Wang
@ 2023-07-14 9:30 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 5+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-07-14 9:30 UTC (permalink / raw)
To: Yan Zhai
Cc: netdev, kernel-team, edumazet, davem, dsahern, kuba, pabeni,
marcelo.leitner, lucien.xin, herbert, andrew, jasowang,
willemdebruijn.kernel, linux-kernel, linux-sctp
Hello:
This patch was applied to netdev/net.git (main)
by David S. Miller <davem@davemloft.net>:
On Thu, 13 Jul 2023 10:28:00 -0700 you wrote:
> Commit 1fd54773c267 ("udp: allow header check for dodgy GSO_UDP_L4
> packets.") checks DODGY bit for UDP, but for packets that can be fed
> directly to the device after gso_segs reset, it actually falls through
> to fragmentation:
>
> https://lore.kernel.org/all/CAJPywTKDdjtwkLVUW6LRA2FU912qcDmQOQGt2WaDo28KzYDg+A@mail.gmail.com/
>
> [...]
Here is the summary with links:
- [v2,net] gso: fix dodgy bit handling for GSO_UDP_L4
https://git.kernel.org/netdev/net/c/9840036786d9
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-07-14 9:30 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-13 17:28 [PATCH v2 net] gso: fix dodgy bit handling for GSO_UDP_L4 Yan Zhai
2023-07-13 17:38 ` Willem de Bruijn
2023-07-14 4:27 ` Yan Zhai
2023-07-14 3:58 ` Jason Wang
2023-07-14 9:30 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).