Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp705337pxp; Wed, 9 Mar 2022 10:55:55 -0800 (PST) X-Google-Smtp-Source: ABdhPJyMIFwe5FxYhKv0e/7dAsvZ5UY8ZXJBoPaeQBMJ6ExFSqCtsXWJqPN74pjAH29kLROKjchE X-Received: by 2002:a05:6402:51a:b0:415:df45:8206 with SMTP id m26-20020a056402051a00b00415df458206mr845103edv.301.1646852155545; Wed, 09 Mar 2022 10:55:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646852155; cv=none; d=google.com; s=arc-20160816; b=QV2PsqJoOsYZNC9w0UQ2dt2GcsCkal3jN0JULAwVilKRycMAHN3gFrkLtoazt9qlHZ HGyVYKWN+IZTy8sKNtftH6r2NCMv+E9dwAm/j3OCx9DOBIx9KWJNPdmrFAGw6DOn/Ijq bbkb2rAQodY5laBpCzjzfcEJNtHkJbHc78vuN3SXfbxWSI2uESy61IReZEw7byND5Jtf Brif5vVdUEdCNLof0DyRw19/Ar76FskCiAhKGNThidPbXnitTQXB+Q5aX+TbAxRw1HVM OcmP6F4RSkLph2qZr04ukxlCJZgFSuZosHD16b3gpJiHixWXMIlAlFwG56Z6bMaeI563 Uahg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:to:content-language:subject:cc:user-agent:mime-version :date:message-id; bh=+pu43fJYfuojmmztmkYQRG905iVQiK6Ssb63TXyxDXM=; b=Bm6pcxNBjAkM/6lI1I8FRJzim8G1ou3Qe+S+GkbuNTKzZ9bbNOQc5aiZ1zO/mkakb/ OwRPI9nqic7kAxnB/O/nspkKVBUVQiXnnqld0zkOWe2NPj/gNBwNG7WvS+O7fE58i5d+ OlDlPYsVPggXI4utvuTB55KkNk9SEziUPokHrDXNKBW/bqu04Z307prA70wfE3KZbFeh qYcoe7247Kay/ezrMsZ7uCjeMkIWr0xI+xB5Vy+vQL0975ilnbo0Lcc/G8J00lOlFmgu 5Kd0MOHLUU4Kbvn8jH67xw0hhtsnXXlRp6swN6GjfFBGhYHpbpH1MO4N0bajt8T4tRWV oWYw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gs41-20020a1709072d2900b006da8ec5d385si1895794ejc.999.2022.03.09.10.55.30; Wed, 09 Mar 2022 10:55:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237086AbiCIRXt (ORCPT + 99 others); Wed, 9 Mar 2022 12:23:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45876 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233635AbiCIRXr (ORCPT ); Wed, 9 Mar 2022 12:23:47 -0500 X-Greylist: delayed 148721 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Wed, 09 Mar 2022 09:22:47 PST Received: from relay6-d.mail.gandi.net (relay6-d.mail.gandi.net [217.70.183.198]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 93970818BE; Wed, 9 Mar 2022 09:22:47 -0800 (PST) Received: (Authenticated sender: i.maximets@ovn.org) by mail.gandi.net (Postfix) with ESMTPSA id AF7D7C0003; Wed, 9 Mar 2022 17:22:43 +0000 (UTC) Message-ID: <5d89f306-d3fa-3e96-c4f3-587c9e3c605b@ovn.org> Date: Wed, 9 Mar 2022 18:22:42 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Cc: i.maximets@ovn.org, "David S. Miller" , Pravin B Shelar , Toms Atteka , netdev@vger.kernel.org, dev@openvswitch.org, linux-kernel@vger.kernel.org, Johannes Berg , Aaron Conole Subject: Re: [PATCH net-next] net: openvswitch: fix uAPI incompatibility with existing user space Content-Language: en-US To: Jakub Kicinski , Roi Dayan References: <20220309155623.2996968-1-i.maximets@ovn.org> From: Ilya Maximets In-Reply-To: <20220309155623.2996968-1-i.maximets@ovn.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/9/22 16:56, Ilya Maximets wrote: > Few years ago OVS user space made a strange choice in the commit [1] > to define types only valid for the user space inside the copy of a > kernel uAPI header. '#ifndef __KERNEL__' and another attribute was > added later. > > This leads to the inevitable clash between user space and kernel types > when the kernel uAPI is extended. The issue was unveiled with the > addition of a new type for IPv6 extension header in kernel uAPI. > > When kernel provides the OVS_KEY_ATTR_IPV6_EXTHDRS attribute to the > older user space application, application tries to parse it as > OVS_KEY_ATTR_PACKET_TYPE and discards the whole netlink message as > malformed. Since OVS_KEY_ATTR_IPV6_EXTHDRS is supplied along with > every IPv6 packet that goes to the user space, IPv6 support is fully > broken. > > Fixing that by bringing these user space attributes to the kernel > uAPI to avoid the clash. Strictly speaking this is not the problem > of the kernel uAPI, but changing it is the only way to avoid breakage > of the older user space applications at this point. > > These 2 types are explicitly rejected now since they should not be > passed to the kernel. Additionally, OVS_KEY_ATTR_TUNNEL_INFO moved > out from the '#ifdef __KERNEL__' as there is no good reason to hide > it from the userspace. And it's also explicitly rejected now, because > it's for in-kernel use only. > > Comments with warnings were added to avoid the problem coming back. > > [1] beb75a40fdc2 ("userspace: Switching of L3 packets in L2 pipeline") > > Fixes: 28a3f0601727 ("net: openvswitch: IPv6: Add IPv6 extension header support") > Link: https://lore.kernel.org/netdev/3adf00c7-fe65-3ef4-b6d7-6d8a0cad8a5f@nvidia.com > Link: https://github.com/openvswitch/ovs/commit/beb75a40fdc295bfd6521b0068b4cd12f6de507c > Reported-by: Roi Dayan > Signed-off-by: Ilya Maximets > --- > > Roi, could you please test this change on your setup? > > I didn't run system tests myself yet, setting up environment at the moment. OK. I set up my own environment and the patch doesn't seem to work. Investigating.