Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp3106061pxm; Mon, 28 Feb 2022 12:07:46 -0800 (PST) X-Google-Smtp-Source: ABdhPJx8krjrFJCPa89//wXraup6eu2dHqc/V/2+VMRA+bmB0hlWiCXlb3JAqEcKJuZd07+d5h13 X-Received: by 2002:aa7:8b13:0:b0:4f0:f393:ec42 with SMTP id f19-20020aa78b13000000b004f0f393ec42mr23173922pfd.6.1646078866309; Mon, 28 Feb 2022 12:07:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646078866; cv=none; d=google.com; s=arc-20160816; b=WGkG54OModY2FneXj/ZV2Tgfad+wX7T4FV4CmY/SIISlmJ/ZXvGjID3D5Hbmoa/ked Ar+iARNQyoTNKsqLHfvL74hWQP5RgTudMDan1+WMeUv7q572dsIxDoUcoMFdf5Cd2fan 7V8ICLrE8pQyNtc4Y207rG3WaZEVpJEjebtmxVLwwmg6+JG8svt4VAVbk90sBCbAQW7d LrDI3ViuGTiy5bS/cxzxv4dAiXcM13DVdoVklZE9QxtJyVlnak/6NzrjZjv0y7LYN6O8 ZaH5jN8drNEIhhKMVd5XGw8Ly5Fq72c2T/KST95BHWtRPYwoYkvor5Ew/aa0kx/xKT04 L2jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=SDPSIZvQzd9/LrM4xtqTyL9LWdgafAYbkzUXOYrThDY=; b=aaoIRr23SyeARZJ1eZJ7WTtaxJPnjiwQExY3Vt5KhfmsDDImisTvlTKw5VF9NKFSoK 8HcBkT9ShIG7VTAHaFLAsQ16JH9QntkDfBOiY5GRDIPB03iCjcXC0mhrPq3bJI9/3aTz uU/7XDqikamMsJDoZcoEk+NaJBk9oLKX5CnyavenO2d5eL9ph0knuyKo+C7/xxB1B/uD ekWcRTaPe5SpoXPbz2e5+Nu1tRoaP9FkNvO8mAosY3FhTIvYAy+kCpQkguBbF/34Ty6U EsR9rjtZ/HKlq06S2eSqx3PxTT14hnGd5O95Moi5GLBmHJACZRx7R6/evPp9kYMCvHdC 4suw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=QMq2u1iH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id l21-20020a056a0016d500b004f23eb797a1si11037546pfc.112.2022.02.28.12.07.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Feb 2022 12:07:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=QMq2u1iH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 0558792D05; Mon, 28 Feb 2022 11:32:53 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235832AbiB1RcW (ORCPT + 99 others); Mon, 28 Feb 2022 12:32:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47572 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237077AbiB1RbJ (ORCPT ); Mon, 28 Feb 2022 12:31:09 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E8687D03C; Mon, 28 Feb 2022 09:28:38 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id C2458B815B1; Mon, 28 Feb 2022 17:28:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 203AFC36AE3; Mon, 28 Feb 2022 17:28:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1646069315; bh=wp/CNINPmG/IfckvUO3BjhqwBozPIZZmmCvQx9pBxIc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QMq2u1iHjBsOht0Zqt5iMyRS2OVr/h+VRAJNgEVEFLWNScpk2RkyZNBVJQfCuSYT4 BtEx7P4ag3DkLW1SL+1v+cqH0ZMWkfXny1H7uw9CY+96hr8Yp93zKhBNd95g+WaE59 coE/pPyQ3Gn9BAVJKno9Q1xHbtj0+YInLeEJo3P0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tao Liu , Willem de Bruijn , "David S. Miller" Subject: [PATCH 4.19 10/34] gso: do not skip outer ip header in case of ipip and net_failover Date: Mon, 28 Feb 2022 18:24:16 +0100 Message-Id: <20220228172209.324456311@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220228172207.090703467@linuxfoundation.org> References: <20220228172207.090703467@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tao Liu commit cc20cced0598d9a5ff91ae4ab147b3b5e99ee819 upstream. We encounter a tcp drop issue in our cloud environment. Packet GROed in host forwards to a VM virtio_net nic with net_failover enabled. VM acts as a IPVS LB with ipip encapsulation. The full path like: host gro -> vm virtio_net rx -> net_failover rx -> ipvs fullnat -> ipip encap -> net_failover tx -> virtio_net tx When net_failover transmits a ipip pkt (gso_type = 0x0103, which means SKB_GSO_TCPV4, SKB_GSO_DODGY and SKB_GSO_IPXIP4), there is no gso did because it supports TSO and GSO_IPXIP4. But network_header points to inner ip header. Call Trace: tcp4_gso_segment ------> return NULL inet_gso_segment ------> inner iph, network_header points to ipip_gso_segment inet_gso_segment ------> outer iph skb_mac_gso_segment Afterwards virtio_net transmits the pkt, only inner ip header is modified. And the outer one just keeps unchanged. The pkt will be dropped in remote host. Call Trace: inet_gso_segment ------> inner iph, outer iph is skipped skb_mac_gso_segment __skb_gso_segment validate_xmit_skb validate_xmit_skb_list sch_direct_xmit __qdisc_run __dev_queue_xmit ------> virtio_net dev_hard_start_xmit __dev_queue_xmit ------> net_failover ip_finish_output2 ip_output iptunnel_xmit ip_tunnel_xmit ipip_tunnel_xmit ------> ipip dev_hard_start_xmit __dev_queue_xmit ip_finish_output2 ip_output ip_forward ip_rcv __netif_receive_skb_one_core netif_receive_skb_internal napi_gro_receive receive_buf virtnet_poll net_rx_action The root cause of this issue is specific with the rare combination of SKB_GSO_DODGY and a tunnel device that adds an SKB_GSO_ tunnel option. SKB_GSO_DODGY is set from external virtio_net. We need to reset network header when callbacks.gso_segment() returns NULL. This patch also includes ipv6_gso_segment(), considering SIT, etc. Fixes: cb32f511a70b ("ipip: add GSO/TSO support") Signed-off-by: Tao Liu Reviewed-by: Willem de Bruijn Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv4/af_inet.c | 5 ++++- net/ipv6/ip6_offload.c | 2 ++ 2 files changed, 6 insertions(+), 1 deletion(-) --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -1338,8 +1338,11 @@ struct sk_buff *inet_gso_segment(struct } ops = rcu_dereference(inet_offloads[proto]); - if (likely(ops && ops->callbacks.gso_segment)) + if (likely(ops && ops->callbacks.gso_segment)) { segs = ops->callbacks.gso_segment(skb, features); + if (!segs) + skb->network_header = skb_mac_header(skb) + nhoff - skb->head; + } if (IS_ERR_OR_NULL(segs)) goto out; --- a/net/ipv6/ip6_offload.c +++ b/net/ipv6/ip6_offload.c @@ -98,6 +98,8 @@ static struct sk_buff *ipv6_gso_segment( if (likely(ops && ops->callbacks.gso_segment)) { skb_reset_transport_header(skb); segs = ops->callbacks.gso_segment(skb, features); + if (!segs) + skb->network_header = skb_mac_header(skb) + nhoff - skb->head; } if (IS_ERR_OR_NULL(segs))