Merge branch 'mpls-push-pop-fix'

Davide Caratti says:

====================
net/sched: fix wrong behavior of MPLS push/pop action

this series contains two fixes for TC 'act_mpls', that try to address
two problems that can be observed configuring simple 'push' / 'pop'
operations:
- patch 1/2 avoids dropping non-MPLS packets that pass through the MPLS
  'pop' action.
- patch 2/2 fixes corruption of the L2 header that occurs when 'push'
  or 'pop' actions are configured in TC egress path.

v2: - change commit message in patch 1/2 to better describe that the
      patch impacts only TC, thanks to Simon Horman
    - fix missing documentation of 'mac_len' in patch 2/2
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2019-10-15 17:14:48 -07:00
commit 8d045995ed
4 changed files with 26 additions and 17 deletions

View File

@ -3510,8 +3510,9 @@ int skb_ensure_writable(struct sk_buff *skb, int write_len);
int __skb_vlan_pop(struct sk_buff *skb, u16 *vlan_tci); int __skb_vlan_pop(struct sk_buff *skb, u16 *vlan_tci);
int skb_vlan_pop(struct sk_buff *skb); int skb_vlan_pop(struct sk_buff *skb);
int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci); int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci);
int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto); int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto,
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto); int mac_len);
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto, int mac_len);
int skb_mpls_update_lse(struct sk_buff *skb, __be32 mpls_lse); int skb_mpls_update_lse(struct sk_buff *skb, __be32 mpls_lse);
int skb_mpls_dec_ttl(struct sk_buff *skb); int skb_mpls_dec_ttl(struct sk_buff *skb);
struct sk_buff *pskb_extract(struct sk_buff *skb, int off, int to_copy, struct sk_buff *pskb_extract(struct sk_buff *skb, int off, int to_copy,

View File

@ -5477,12 +5477,14 @@ static void skb_mod_eth_type(struct sk_buff *skb, struct ethhdr *hdr,
* @skb: buffer * @skb: buffer
* @mpls_lse: MPLS label stack entry to push * @mpls_lse: MPLS label stack entry to push
* @mpls_proto: ethertype of the new MPLS header (expects 0x8847 or 0x8848) * @mpls_proto: ethertype of the new MPLS header (expects 0x8847 or 0x8848)
* @mac_len: length of the MAC header
* *
* Expects skb->data at mac header. * Expects skb->data at mac header.
* *
* Returns 0 on success, -errno otherwise. * Returns 0 on success, -errno otherwise.
*/ */
int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto) int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto,
int mac_len)
{ {
struct mpls_shim_hdr *lse; struct mpls_shim_hdr *lse;
int err; int err;
@ -5499,15 +5501,15 @@ int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto)
return err; return err;
if (!skb->inner_protocol) { if (!skb->inner_protocol) {
skb_set_inner_network_header(skb, skb->mac_len); skb_set_inner_network_header(skb, mac_len);
skb_set_inner_protocol(skb, skb->protocol); skb_set_inner_protocol(skb, skb->protocol);
} }
skb_push(skb, MPLS_HLEN); skb_push(skb, MPLS_HLEN);
memmove(skb_mac_header(skb) - MPLS_HLEN, skb_mac_header(skb), memmove(skb_mac_header(skb) - MPLS_HLEN, skb_mac_header(skb),
skb->mac_len); mac_len);
skb_reset_mac_header(skb); skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len); skb_set_network_header(skb, mac_len);
lse = mpls_hdr(skb); lse = mpls_hdr(skb);
lse->label_stack_entry = mpls_lse; lse->label_stack_entry = mpls_lse;
@ -5526,29 +5528,30 @@ EXPORT_SYMBOL_GPL(skb_mpls_push);
* *
* @skb: buffer * @skb: buffer
* @next_proto: ethertype of header after popped MPLS header * @next_proto: ethertype of header after popped MPLS header
* @mac_len: length of the MAC header
* *
* Expects skb->data at mac header. * Expects skb->data at mac header.
* *
* Returns 0 on success, -errno otherwise. * Returns 0 on success, -errno otherwise.
*/ */
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto) int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto, int mac_len)
{ {
int err; int err;
if (unlikely(!eth_p_mpls(skb->protocol))) if (unlikely(!eth_p_mpls(skb->protocol)))
return -EINVAL; return 0;
err = skb_ensure_writable(skb, skb->mac_len + MPLS_HLEN); err = skb_ensure_writable(skb, mac_len + MPLS_HLEN);
if (unlikely(err)) if (unlikely(err))
return err; return err;
skb_postpull_rcsum(skb, mpls_hdr(skb), MPLS_HLEN); skb_postpull_rcsum(skb, mpls_hdr(skb), MPLS_HLEN);
memmove(skb_mac_header(skb) + MPLS_HLEN, skb_mac_header(skb), memmove(skb_mac_header(skb) + MPLS_HLEN, skb_mac_header(skb),
skb->mac_len); mac_len);
__skb_pull(skb, MPLS_HLEN); __skb_pull(skb, MPLS_HLEN);
skb_reset_mac_header(skb); skb_reset_mac_header(skb);
skb_set_network_header(skb, skb->mac_len); skb_set_network_header(skb, mac_len);
if (skb->dev && skb->dev->type == ARPHRD_ETHER) { if (skb->dev && skb->dev->type == ARPHRD_ETHER) {
struct ethhdr *hdr; struct ethhdr *hdr;

View File

@ -165,7 +165,8 @@ static int push_mpls(struct sk_buff *skb, struct sw_flow_key *key,
{ {
int err; int err;
err = skb_mpls_push(skb, mpls->mpls_lse, mpls->mpls_ethertype); err = skb_mpls_push(skb, mpls->mpls_lse, mpls->mpls_ethertype,
skb->mac_len);
if (err) if (err)
return err; return err;
@ -178,7 +179,7 @@ static int pop_mpls(struct sk_buff *skb, struct sw_flow_key *key,
{ {
int err; int err;
err = skb_mpls_pop(skb, ethertype); err = skb_mpls_pop(skb, ethertype, skb->mac_len);
if (err) if (err)
return err; return err;

View File

@ -55,7 +55,7 @@ static int tcf_mpls_act(struct sk_buff *skb, const struct tc_action *a,
struct tcf_mpls *m = to_mpls(a); struct tcf_mpls *m = to_mpls(a);
struct tcf_mpls_params *p; struct tcf_mpls_params *p;
__be32 new_lse; __be32 new_lse;
int ret; int ret, mac_len;
tcf_lastuse_update(&m->tcf_tm); tcf_lastuse_update(&m->tcf_tm);
bstats_cpu_update(this_cpu_ptr(m->common.cpu_bstats), skb); bstats_cpu_update(this_cpu_ptr(m->common.cpu_bstats), skb);
@ -63,8 +63,12 @@ static int tcf_mpls_act(struct sk_buff *skb, const struct tc_action *a,
/* Ensure 'data' points at mac_header prior calling mpls manipulating /* Ensure 'data' points at mac_header prior calling mpls manipulating
* functions. * functions.
*/ */
if (skb_at_tc_ingress(skb)) if (skb_at_tc_ingress(skb)) {
skb_push_rcsum(skb, skb->mac_len); skb_push_rcsum(skb, skb->mac_len);
mac_len = skb->mac_len;
} else {
mac_len = skb_network_header(skb) - skb_mac_header(skb);
}
ret = READ_ONCE(m->tcf_action); ret = READ_ONCE(m->tcf_action);
@ -72,12 +76,12 @@ static int tcf_mpls_act(struct sk_buff *skb, const struct tc_action *a,
switch (p->tcfm_action) { switch (p->tcfm_action) {
case TCA_MPLS_ACT_POP: case TCA_MPLS_ACT_POP:
if (skb_mpls_pop(skb, p->tcfm_proto)) if (skb_mpls_pop(skb, p->tcfm_proto, mac_len))
goto drop; goto drop;
break; break;
case TCA_MPLS_ACT_PUSH: case TCA_MPLS_ACT_PUSH:
new_lse = tcf_mpls_get_lse(NULL, p, !eth_p_mpls(skb->protocol)); new_lse = tcf_mpls_get_lse(NULL, p, !eth_p_mpls(skb->protocol));
if (skb_mpls_push(skb, new_lse, p->tcfm_proto)) if (skb_mpls_push(skb, new_lse, p->tcfm_proto, mac_len))
goto drop; goto drop;
break; break;
case TCA_MPLS_ACT_MODIFY: case TCA_MPLS_ACT_MODIFY: