Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp4121876ybz; Mon, 20 Apr 2020 16:16:13 -0700 (PDT) X-Google-Smtp-Source: APiQypIeKI24rfgtllM2j0eg4bOAwLiFMVtRFGllzovFfSowd65CxYTqQ/ZoF8qY3Smr0dx4GhS2 X-Received: by 2002:a05:6402:4a:: with SMTP id f10mr17194677edu.274.1587424573641; Mon, 20 Apr 2020 16:16:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587424573; cv=none; d=google.com; s=arc-20160816; b=XpUE/c1JxHaMeiT1Ri1Qrt/jmVFc1QJBOrSXuBXts7LJX3cRW9PDryQBeMBpljdNny EbD35qYoj2ocEKoC70Uh/6jfn4UwVXNoVcHQanEdpn8JjxWTHUOg8zyFbO7Tb9KygPBr P+aS0skz+2cWqRzwjegNIklahTQCFC1EUcHGtu7UuuSBifHCr4hhh7kgyDrYTbtVGw4t 8fxrENA685HV0kKFUXHrfsP8G2OGD165LObGvH4Ur9kybH1ZvbbhpS3/NYAnBENYO5dO ulXb2x0mdSJ3IcMCtdc2buCuS9OL3sMrNwGIiRhq8qbfN7zHUXToOg1pVnYxIVIzrZwY kXGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=B9l1xnPXy+nd1araMR4jj9v6EoE/02twAyj3rEmsRf0=; b=HcDzGs1wliBAfMEZ/b9vd1R1osqfXXuMM0H/FLLNNntDYi8tHir8oe71/lwZmwe5rC KRBSKJLJzCtM8SQdepAgowOfTmQKW3tE0zujGj60S+Yf91BZrrvXbmEuJgTxWGPB2QoA /BDnEee3qRGvzXi9JqGRCBK+q767X7fDKf5AItxqHmFMxubuCYID9cXMgEtpvvxUDfUV P61J30T6uBjgGQBEXLCqcdDf/iR8ZUebjIhbCQSxRZIIYinKcca+yddrXcMcyVDqonCl uyegeztcI8WopXEoy2LjR7Q0pGR3rGLZjrLYORv5+roeugHllay5MF3hyS+NvqQ/xB0H ISaw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Qo3nMwIZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id oy6si409989ejb.383.2020.04.20.16.15.50; Mon, 20 Apr 2020 16:16:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Qo3nMwIZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727965AbgDTXOh (ORCPT + 99 others); Mon, 20 Apr 2020 19:14:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47824 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1726006AbgDTXOg (ORCPT ); Mon, 20 Apr 2020 19:14:36 -0400 Received: from mail-pj1-x1041.google.com (mail-pj1-x1041.google.com [IPv6:2607:f8b0:4864:20::1041]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6CE08C061A0E; Mon, 20 Apr 2020 16:14:36 -0700 (PDT) Received: by mail-pj1-x1041.google.com with SMTP id 7so492117pjo.0; Mon, 20 Apr 2020 16:14:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=B9l1xnPXy+nd1araMR4jj9v6EoE/02twAyj3rEmsRf0=; b=Qo3nMwIZxwV+JnTDsHKZBw3VFZ/3gsqrTBlYyOAfD3qEdMSTuG6rQtDwQYaI9HRtZj R64vAkjVpc1IyWSorbWVlhn+tAybBjcBd1Kare60iou2FUphVgSHZtx7giBk0TkDn88y kOBV0eM++FFCQ9+r3o4TygDT7A5199KVWvIcPv23XR3hR+/ne8U38yrHlJNfaCKjlj6l kjKZQ2Evu5Vc/ITLiUw1r98hc1+7A+/KCOMdYWbrH3vjbqR9igxzM0B/qLyxbqQKVIkL IyCVXfcCrbdyLE3IqsmlKfzwH4qEEwDc9itUMJ6ji3cmUHDyGt7D8I25Upl4AV+fkPcg FQCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=B9l1xnPXy+nd1araMR4jj9v6EoE/02twAyj3rEmsRf0=; b=Bh4d7JMLviPLjFtu8qst3Gs/wXXI/YUYolT+zwCr/nMduQ34oNloMuSteiPJU53GmS 5wZrKczYtpAnuxsRdoJ5OEW32rTyIvG5RIw8OpgbRn0tQvUlviK6Yyu29o8WAqAXGKpp j5PQA6sE0Y7Z/7fRYOLffMznLbAXAGxdY0N5aDVwQyNsh2EY39z3Vm/0gp75kKAbrZYI mpLCmNpCC88JENASGrjzCvDr1HkL102hLNKi55gAE6RvitlbxsPDorWVCNJrrXyx8jcC nl2HJLa0N+eRVtGpspYgUadbD39UPpzPbBsXoiMtNKQ+2EfagmnLDdTluWhgB0K50d3g +2IQ== X-Gm-Message-State: AGi0PuZ3CzDq/6bd3knj0kzAd/MYoDrdH9e3MWuENPvy/SUwM8fYZ5OA WJMKElPFfxqtONECJZxxHPM= X-Received: by 2002:a17:902:bf09:: with SMTP id bi9mr2729845plb.193.1587424475924; Mon, 20 Apr 2020 16:14:35 -0700 (PDT) Received: from athina.mtv.corp.google.com ([2620:15c:211:0:c786:d9fd:ab91:6283]) by smtp.gmail.com with ESMTPSA id v26sm549726pfe.121.2020.04.20.16.14.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Apr 2020 16:14:35 -0700 (PDT) From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= To: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= , Alexei Starovoitov , Daniel Borkmann Cc: Linux Network Development Mailing List , linux-kernel@vger.kernel.org, "David S . Miller" Subject: [PATCH] [RFC] net: bpf: make __bpf_skb_max_len(skb) an skb-independent constant Date: Mon, 20 Apr 2020 16:14:27 -0700 Message-Id: <20200420231427.63894-1-zenczykowski@gmail.com> X-Mailer: git-send-email 2.26.1.301.g55bc3eb7cb9-goog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Maciej Żenczykowski This function is used from: bpf_skb_adjust_room __bpf_skb_change_tail __bpf_skb_change_head but in the case of forwarding we're likely calling these functions during receive processing on ingress and bpf_redirect()'ing at a later point in time to egress on another interface, thus these mtu checks are for the wrong device. This is particularly problematic if we're receiving on an L3 1500 mtu cellular interface, trying to add an L2 header and forwarding to an L3 mtu 1500 mtu wifi/ethernet device. The mtu check prevents us from adding the ethernet header prior to forwarding the packet. After the packet has already been redirected, we'd need to add an additional 2nd ebpf program on the target device's egress tc hook, but then we'd also see non-redirected traffic and have no easy way to tell apart normal egress with ethernet header packets from forwarded ethernet headerless packets. Signed-off-by: Maciej Żenczykowski --- net/core/filter.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/core/filter.c b/net/core/filter.c index ec567d1e6fb9..1e119a47f9fe 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -3159,8 +3159,7 @@ static int bpf_skb_net_shrink(struct sk_buff *skb, u32 off, u32 len_diff, static u32 __bpf_skb_max_len(const struct sk_buff *skb) { - return skb->dev ? skb->dev->mtu + skb->dev->hard_header_len : - SKB_MAX_ALLOC; + return SKB_MAX_ALLOC; } BPF_CALL_4(bpf_skb_adjust_room, struct sk_buff *, skb, s32, len_diff, -- 2.26.1.301.g55bc3eb7cb9-goog