Received: by 10.213.65.68 with SMTP id h4csp1646070imn; Thu, 15 Mar 2018 05:52:10 -0700 (PDT) X-Google-Smtp-Source: AG47ELvFdZBueYRT83bPTnqbymaugfxG0KqtX4sMWC585nc/1Beh1kYAEAIKW/IfH1XvlQ1IgMPn X-Received: by 2002:a17:902:7b95:: with SMTP id w21-v6mr8188547pll.260.1521118330735; Thu, 15 Mar 2018 05:52:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521118330; cv=none; d=google.com; s=arc-20160816; b=TnI3QKWYxBBtKIDZ8z/dwvYlEDd0Q5MOl9CmHcnghzpALvksX5PNb/rPdp/RA9i9Gg 6kMCiHrDesD+nsPDPdA2gi+muiEUczpcuW/MAwFD6ajP5sEgcDmFZe4f6k+zW6kVmI48 08FrWUWcvZViJqBeM7gd/37kUYtMg8Q1eTItnCu1dkRvRhmrCj9/0jEchRS9m3zX7SYL DURbQ/G68pL8WnZG4jyKi96ezuVBkOklZcAJ+MfPDwzxzueUChYLR0yDz4JaZCRjFAjn KS/TT7fmUklz2LMC9hflNfmTRh0Z3UsPY9UmoAdts1FSTKuKSm3zKswvYR3cHrh2poEA jKUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature:arc-authentication-results; bh=l1zqNvk9vQuf3GuWOFuUQ4FlFxszsI86BCHJndZrKes=; b=EUsNDqXnqm2QlhTdVwfBVFsxIw1hwlwHmWhj5TEsm4V/w9D9eZrFVpgIlt2jlrlAmZ VBnVcAXVSD5fEZBPL41OW/6nnPpks2VpOdf43GOjm5sDQpTu6bHZd5v2H0CqIyPdcJjx +kd6lOGsSj8GoYR4X3R31MDuOkygApdetfUMuWccRwwy+Sm4AwtA1X4SEuGxgWrP47ok Xl5Y/0dh/3EVbjVnQopAtVVvwIVfnbFnbCguCW25koXy9naCSk/1fB5vUPHvrcqdVHEA 5Tc9FJY829j/ZzMmJukCgzGeaxUHMfYBD34c/CdtwQ8aK7hi9TCznAJS3cfW2p8tUyNt TOLA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=fnh8voyC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y86si3837488pfi.19.2018.03.15.05.51.56; Thu, 15 Mar 2018 05:52:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=fnh8voyC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752071AbeCOMuy (ORCPT + 99 others); Thu, 15 Mar 2018 08:50:54 -0400 Received: from mail-wm0-f68.google.com ([74.125.82.68]:51476 "EHLO mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751466AbeCOMuw (ORCPT ); Thu, 15 Mar 2018 08:50:52 -0400 Received: by mail-wm0-f68.google.com with SMTP id h21so10203817wmd.1; Thu, 15 Mar 2018 05:50:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=l1zqNvk9vQuf3GuWOFuUQ4FlFxszsI86BCHJndZrKes=; b=fnh8voyCNYGxpcyim85h9/IBjrlbFWVVxOS/bh7lLpkJ7DZ/8vmodY5gbbaX8oR/Gx uGYp/uMptJkXMzgDqjPE4CM/618e/r48C3alAiusCRJZD/XLgSeJZ/4nd0rs2t04CtIE 3bRoohha9Dyz0HERjpJUpy56Y9lAljiIztAi2oRxro49ASIRmUS7lzfUB/dKn1mwZbVd eD12ZdgACVyU+YL4sQiPrZw9YuHY03I5ePW7+OthvILRCy2ExwWrC89YAaHSbO4buHjo 4+BToG31+fZuMOEnrLAcsYbvYXg9Z1vu+0WBVNw2NsKLPqLeMmWpaoQAx/6hLUT+KA1U RWAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=l1zqNvk9vQuf3GuWOFuUQ4FlFxszsI86BCHJndZrKes=; b=QaavuladiT7xcC3pVdP/P5WFnQjiyWQE+kJXG4F165gwVDtayVUfMPyXtpbEUfP2PK 8quL/1oNeQUVxzIiSTCSFTBPrszRLHYBEqmwC9ByThaMAtmTEyR2i6Q4oKwpvxvmOeUG lIeyr1Ry39DkyUx4GrOqXqmM0eD+tEKDs1Jm1odvs/hlaxNdPebeRwxtfSc+7+YeJRqW AcaArM9pamWYOLKGmn3/rAxCptkHZEJ4OYEbus1PkwiIYT/4LcolnCSkFQydIsJm+BrB Tfl/kBXVlcKPpY6XMXAnco1SQbIYKxk/vbMywXCyz5NXyOqtI5yK7VcEsO40463jVIzd 5uWw== X-Gm-Message-State: AElRT7GIhZlrgRErh1EeBUguTJ5g42wU6nTD2NdMfVx4fFRVFlhiYPOh mo+MH2OjqNftLI5XCrX6C1g= X-Received: by 10.28.59.130 with SMTP id i124mr4395852wma.23.1521118250875; Thu, 15 Mar 2018 05:50:50 -0700 (PDT) Received: from halley ([141.226.179.122]) by smtp.gmail.com with ESMTPSA id n8sm5067443wrf.12.2018.03.15.05.50.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Mar 2018 05:50:49 -0700 (PDT) Date: Thu, 15 Mar 2018 14:50:38 +0200 From: Shmulik Ladkani To: Daniel Borkmann Cc: Liran Alon , davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, idan.brown@oracle.com, Yuval Shaia Subject: Re: [PATCH] net: dev_forward_skb(): Scrub packet's per-netns info only when crossing netns Message-ID: <20180315145038.16df4fea@halley> In-Reply-To: References: <1520953642-8145-1-git-send-email-liran.alon@oracle.com> <20180315112150.58586758@halley> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Thu, 15 Mar 2018 12:56:13 +0100 Daniel Borkmann wrote: > On 03/15/2018 10:21 AM, Shmulik Ladkani wrote: > > > > Regarding veth xmit, it does makes sense to preserve the fields if not > > crossing netns. This is also the case when one uses tc mirred. > > > > Regarding bpf redirect, well, it depends on the expectations of each bpf > > program. > > I'd argue that preserving the fields (at least the mark field) in the > > *non* xnet makes sense and provides more information and therefore more > > capabilities; Alas this might change behavior already being relied on. > > > > Maybe Daniel can comment on the matter. > > Overall I think it might be nice to not need scrubbing skb in such cases, > although my concern would be that this has potential to break existing > setups when they would expect mark being zero on other veth peer in any > case since it's the behavior for a long time already. The safer option > would be to have some sort of explicit opt-in e.g. on link creation to let > the skb->mark pass through unscrubbed. This would definitely be a useful > option e.g. when mark is set in the netns facing veth via clsact/egress > on xmit and when the container is unprivileged anyway. For the veth xmit case, an opt-in flag which disables mark scrubbing in the *non* xnet veth-pair seems reasonable. But what about bpf_redirect BPF_F_INGRESS, in setups not invovling containers? Currently bpf_redirect is implemented using dev_forward_skb which *fully* scrubs the skb, even if the target device is on same netns as skb->dev is. One might use ebpf programs that perform BPF_F_INGRESS bpf_redirect, for example for demuxing skbs arriving on some "master" device into various "slave" devices using specialized critiria. It would be beneficial to have the mark preserved when skb is injected to the slave device's rx path (especially when it's on the same netns). Liran's patch fixes this - but at the cost of changing existing behavior for BPF_F_INGRESS users (formerly: fully scrubbed; post patch: scrubbed only if xnet). I wonder, do you know of implementations that actually RELY on the fact that BPF_F_INGRESS actually clears the mark, in the *non* xnet case? Regards, Shmulik