2021-04-22 01:28:36

by Phillip Potter

[permalink] [raw]
Subject: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
rather than struct ipv6hdr. This fixes two kernel selftest failures
introduced by commit 6628ddfec758
("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
diminishing the fix provided by that commit.

Reported-by: kernel test robot <[email protected]>
Signed-off-by: Phillip Potter <[email protected]>
---
drivers/net/geneve.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
index 42f31c681846..a57a5e6f614f 100644
--- a/drivers/net/geneve.c
+++ b/drivers/net/geneve.c
@@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
__be16 sport;
int err;

- if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
+ if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
return -EINVAL;

sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
--
2.30.2


2021-04-22 01:31:33

by Florian Westphal

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

Phillip Potter <[email protected]> wrote:
> Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> rather than struct ipv6hdr. This fixes two kernel selftest failures
> introduced by commit 6628ddfec758
> ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> diminishing the fix provided by that commit.

What errors?

> Reported-by: kernel test robot <[email protected]>
> Signed-off-by: Phillip Potter <[email protected]>
> ---
> drivers/net/geneve.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> index 42f31c681846..a57a5e6f614f 100644
> --- a/drivers/net/geneve.c
> +++ b/drivers/net/geneve.c
> @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> __be16 sport;
> int err;
>
> - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> return -EINVAL;

Seems this is papering over some bug, this change makes no sense to
me. Can you please explain this?

2021-04-22 01:31:55

by Phillip Potter

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

On Thu, Apr 22, 2021 at 02:39:42AM +0200, Florian Westphal wrote:
> Phillip Potter <[email protected]> wrote:
> > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > introduced by commit 6628ddfec758
> > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > diminishing the fix provided by that commit.
>
> What errors?
>
> > Reported-by: kernel test robot <[email protected]>
> > Signed-off-by: Phillip Potter <[email protected]>
> > ---
> > drivers/net/geneve.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> > index 42f31c681846..a57a5e6f614f 100644
> > --- a/drivers/net/geneve.c
> > +++ b/drivers/net/geneve.c
> > @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> > __be16 sport;
> > int err;
> >
> > - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> > + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> > return -EINVAL;
>
> Seems this is papering over some bug, this change makes no sense to
> me. Can you please explain this?

Dear Florian,

I made the change to fix failures in the following tests:
IPv4 over geneve6: PMTU exceptions
IPv4 over geneve6: PMTU exceptions - nexthop objects

Error for both tests was:
PMTU exception wasn't created after exceeding link layer MTU on geneve interface

I was notified by the kernel test reobot due to the failures being caused by my
previous patch to this file. Sorry if I've done this the wrong way, just didn't
want to hold anyone up. I also tested the patch with syzbot again to make sure
it still fixed the original problem from my last commit.

Regards,
Phil

2021-04-22 06:45:41

by Eric Dumazet

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

On Thu, Apr 22, 2021 at 1:11 AM Phillip Potter <[email protected]> wrote:
>
> Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> rather than struct ipv6hdr. This fixes two kernel selftest failures
> introduced by commit 6628ddfec758
> ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> diminishing the fix provided by that commit.
>
> Reported-by: kernel test robot <[email protected]>
> Signed-off-by: Phillip Potter <[email protected]>

SGTM, but _please_ add a Fixes: tag, since stable teams now depend on this,
more than human parsing the changelog.

Fixes: 6628ddfec758 ("net: geneve: check skb is large enough for
IPv4/IPv6 header")

> ---
> drivers/net/geneve.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> index 42f31c681846..a57a5e6f614f 100644
> --- a/drivers/net/geneve.c
> +++ b/drivers/net/geneve.c
> @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> __be16 sport;
> int err;
>
> - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> return -EINVAL;
>
> sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
> --
> 2.30.2
>

2021-04-22 16:05:35

by Sabrina Dubroca

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

2021-04-22, 02:39:42 +0200, Florian Westphal wrote:
> Phillip Potter <[email protected]> wrote:
> > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > introduced by commit 6628ddfec758
> > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > diminishing the fix provided by that commit.
>
> What errors?
>
> > Reported-by: kernel test robot <[email protected]>
> > Signed-off-by: Phillip Potter <[email protected]>
> > ---
> > drivers/net/geneve.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> > index 42f31c681846..a57a5e6f614f 100644
> > --- a/drivers/net/geneve.c
> > +++ b/drivers/net/geneve.c
> > @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> > __be16 sport;
> > int err;
> >
> > - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> > + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> > return -EINVAL;
>
> Seems this is papering over some bug, this change makes no sense to
> me. Can you please explain this?

I'm not sure the original commit (6628ddfec758 ("net: geneve: check
skb is large enough for IPv4/IPv6 header")) is correct either. GENEVE
isn't limited to carrying IP, I think an ethernet header with not much
else on top should be valid.

--
Sabrina

2021-04-22 16:54:51

by Eric Dumazet

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

On Thu, Apr 22, 2021 at 6:04 PM Sabrina Dubroca <[email protected]> wrote:
>
> 2021-04-22, 02:39:42 +0200, Florian Westphal wrote:
> > Phillip Potter <[email protected]> wrote:
> > > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > > introduced by commit 6628ddfec758
> > > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > > diminishing the fix provided by that commit.
> >
> > What errors?
> >
> > > Reported-by: kernel test robot <[email protected]>
> > > Signed-off-by: Phillip Potter <[email protected]>
> > > ---
> > > drivers/net/geneve.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> > > index 42f31c681846..a57a5e6f614f 100644
> > > --- a/drivers/net/geneve.c
> > > +++ b/drivers/net/geneve.c
> > > @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> > > __be16 sport;
> > > int err;
> > >
> > > - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> > > + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> > > return -EINVAL;
> >
> > Seems this is papering over some bug, this change makes no sense to
> > me. Can you please explain this?
>
> I'm not sure the original commit (6628ddfec758 ("net: geneve: check
> skb is large enough for IPv4/IPv6 header")) is correct either. GENEVE
> isn't limited to carrying IP, I think an ethernet header with not much
> else on top should be valid.

Maybe, but we still attempt to use ip_hdr() in this case, from
geneve_get_v6_dst()

So there is something fishy.

2021-04-22 17:20:44

by Sabrina Dubroca

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

2021-04-22, 18:52:10 +0200, Eric Dumazet wrote:
> On Thu, Apr 22, 2021 at 6:04 PM Sabrina Dubroca <[email protected]> wrote:
> >
> > 2021-04-22, 02:39:42 +0200, Florian Westphal wrote:
> > > Phillip Potter <[email protected]> wrote:
> > > > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > > > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > > > introduced by commit 6628ddfec758
> > > > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > > > diminishing the fix provided by that commit.
> > >
> > > What errors?
> > >
> > > > Reported-by: kernel test robot <[email protected]>
> > > > Signed-off-by: Phillip Potter <[email protected]>
> > > > ---
> > > > drivers/net/geneve.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> > > > index 42f31c681846..a57a5e6f614f 100644
> > > > --- a/drivers/net/geneve.c
> > > > +++ b/drivers/net/geneve.c
> > > > @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> > > > __be16 sport;
> > > > int err;
> > > >
> > > > - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> > > > + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> > > > return -EINVAL;
> > >
> > > Seems this is papering over some bug, this change makes no sense to
> > > me. Can you please explain this?
> >
> > I'm not sure the original commit (6628ddfec758 ("net: geneve: check
> > skb is large enough for IPv4/IPv6 header")) is correct either. GENEVE
> > isn't limited to carrying IP, I think an ethernet header with not much
> > else on top should be valid.
>
> Maybe, but we still attempt to use ip_hdr() in this case, from
> geneve_get_v6_dst()
>
> So there is something fishy.

In ip_tunnel_get_dsfield()? Only if there's IP in the packet. Other
tunnel types (except vxlan, which probably has the same problem as
geneve) ues pskb_inet_may_pull, that looks like what we need here as
well.

--
Sabrina

2021-04-22 21:00:32

by Phillip Potter

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

On Thu, Apr 22, 2021 at 08:43:57AM +0200, Eric Dumazet wrote:
> On Thu, Apr 22, 2021 at 1:11 AM Phillip Potter <[email protected]> wrote:
> >
> > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > introduced by commit 6628ddfec758
> > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > diminishing the fix provided by that commit.
> >
> > Reported-by: kernel test robot <[email protected]>
> > Signed-off-by: Phillip Potter <[email protected]>
>
> SGTM, but _please_ add a Fixes: tag, since stable teams now depend on this,
> more than human parsing the changelog.
>
> Fixes: 6628ddfec758 ("net: geneve: check skb is large enough for
> IPv4/IPv6 header")
>

Dear Eric,

Thank you for your feedback, I will make sure the new patch has the
Fixes: tag in it.

Regards,
Phil

2021-04-22 21:06:34

by Phillip Potter

[permalink] [raw]
Subject: Re: [PATCH] net: geneve: modify IP header check in geneve6_xmit_skb

On Thu, Apr 22, 2021 at 07:18:49PM +0200, Sabrina Dubroca wrote:
> 2021-04-22, 18:52:10 +0200, Eric Dumazet wrote:
> > On Thu, Apr 22, 2021 at 6:04 PM Sabrina Dubroca <[email protected]> wrote:
> > >
> > > 2021-04-22, 02:39:42 +0200, Florian Westphal wrote:
> > > > Phillip Potter <[email protected]> wrote:
> > > > > Modify the check in geneve6_xmit_skb to use the size of a struct iphdr
> > > > > rather than struct ipv6hdr. This fixes two kernel selftest failures
> > > > > introduced by commit 6628ddfec758
> > > > > ("net: geneve: check skb is large enough for IPv4/IPv6 header"), without
> > > > > diminishing the fix provided by that commit.
> > > >
> > > > What errors?
> > > >
> > > > > Reported-by: kernel test robot <[email protected]>
> > > > > Signed-off-by: Phillip Potter <[email protected]>
> > > > > ---
> > > > > drivers/net/geneve.c | 2 +-
> > > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > > >
> > > > > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
> > > > > index 42f31c681846..a57a5e6f614f 100644
> > > > > --- a/drivers/net/geneve.c
> > > > > +++ b/drivers/net/geneve.c
> > > > > @@ -988,7 +988,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
> > > > > __be16 sport;
> > > > > int err;
> > > > >
> > > > > - if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
> > > > > + if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
> > > > > return -EINVAL;
> > > >
> > > > Seems this is papering over some bug, this change makes no sense to
> > > > me. Can you please explain this?
> > >
> > > I'm not sure the original commit (6628ddfec758 ("net: geneve: check
> > > skb is large enough for IPv4/IPv6 header")) is correct either. GENEVE
> > > isn't limited to carrying IP, I think an ethernet header with not much
> > > else on top should be valid.
> >
> > Maybe, but we still attempt to use ip_hdr() in this case, from
> > geneve_get_v6_dst()
> >
> > So there is something fishy.
>
> In ip_tunnel_get_dsfield()? Only if there's IP in the packet. Other
> tunnel types (except vxlan, which probably has the same problem as
> geneve) ues pskb_inet_may_pull, that looks like what we need here as
> well.
>
> --
> Sabrina
>

Dear Sabrina,

Thank you for your feedback. I will try and rework the patch to fix my
original commit using the technique you suggest.

Regards,
Phil