Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp488643rwb;
        Thu, 12 Jan 2023 08:31:30 -0800 (PST)
X-Google-Smtp-Source: AMrXdXsRDv5BrppN+Q573INI56w4k+2Y1dP5Hnxi2lH5OOy7l5rkoXBOborAjd9NCJ6dVM+j8ABn
X-Received: by 2002:a05:6a20:d686:b0:b6:5d9f:cd8c with SMTP id it6-20020a056a20d68600b000b65d9fcd8cmr6496290pzb.54.1673541090062;
        Thu, 12 Jan 2023 08:31:30 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673541090; cv=none;
        d=google.com; s=arc-20160816;
        b=rhwu73m3jIn7gB6kkL8Iq1PRWzaRPZCpFjJktgTxQmGL0WWsK1s2nDOOdb8U08vWyf
         TRInZTUOY7lSvX/gEaHKR1uD8Z9vYSwIriBhP9wBvXLML9ZeFxYAMg7XZJR+jAlxsvt9
         uXzRsbxPMjwdPegOsjDKCK5G6AJeFs3aFwF0kcSt2WQ+XYEs+fm2hkYSn15pQz3XTi2M
         nbsdls5m/S+3VkJQg5H+xqS7fB6v3rhqwFf0nd8bjokU7XeVVqtMQvFHmvlQOCkqu6MS
         deypRheco/mMEKAfvK7XX64wTjwxIKEoUMssqMUllvD8Ym9zRm3HIgiv6JtqG3vg48KT
         IYYg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:cc:to:subject
         :message-id:date:from:in-reply-to:references:mime-version
         :dkim-signature;
        bh=27xqJWdcru6xXrx9U2TMVWvDMNXWrOANKcIbhlsNAL4=;
        b=jdpfpSPPRvks3e41mQhhUwT1XiyIQKf7ImN7473jv0LqKmiwrGDdq6s1Fb9uOfBn9m
         rh6FHQaXaT31GW2zgZyYGkVuVNgormxU9jBhlCoNrdLvGtYhRlk7m6EWqLdaz4Z3b7Le
         4PhTzt9Q1nqr4QdlZfl2hvhGfimwOMapHRYUWw4jsXObOlYt086+AeKTSQY+2Oi6gOgr
         gE1PTHTDwZCw1RsRXeVrU7EgPAm8luGsPwCvgxJ8dEUYGX2UPsmi2ri1ZUoFVVJRkmIw
         GxkH2NHxVlmW40H39gp/KSRGM63S7gj7RokJhKZmTBYxdjRhE4CrxN5QFSG3KcezPD0G
         4WfQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=EmEZxVAA;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id bc22-20020a656d96000000b004ad990a963asi16137617pgb.648.2023.01.12.08.31.23;
        Thu, 12 Jan 2023 08:31:30 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=EmEZxVAA;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231580AbjALQML (ORCPT <rfc822;a839024@gmail.com> + 50 others);
        Thu, 12 Jan 2023 11:12:11 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50304 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234036AbjALQLo (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 12 Jan 2023 11:11:44 -0500
Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D04CF120BF
        for <linux-kernel@vger.kernel.org>; Thu, 12 Jan 2023 08:05:36 -0800 (PST)
Received: by mail-yb1-xb2c.google.com with SMTP id 203so19193317yby.10
        for <linux-kernel@vger.kernel.org>; Thu, 12 Jan 2023 08:05:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=27xqJWdcru6xXrx9U2TMVWvDMNXWrOANKcIbhlsNAL4=;
        b=EmEZxVAAgKHQ/nmPUB4gKobtgXf43rCTC8hXPKl4NmXER2qFaXuEaNbH2usLOKZaqx
         rDopsVKcV9prVQM6dmU01FHlPOLUN+irqAQVD6YkEW/lbw5a7mghl5bviijzEZX+HsYZ
         pGt4j4X5YWXHg5QC/zHjzZSjrthanc0OA6NzLHvPgl7lU8kQdlgcX1vroOw6ZGaBChbR
         TTwQhn3cKS1AXkDIpdACkCrXxSAPqy5c8j0CsDzld9Z8T9R2vRD0Drtd8mm+ZELVZ0MG
         9WquxnaElHDqE9fRgxL/EajktTeZf6L+3m59wU/yDjSHzYi5c+G99zOq8oOqCGyNTq2f
         K2Rg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=27xqJWdcru6xXrx9U2TMVWvDMNXWrOANKcIbhlsNAL4=;
        b=O5T4U9gAE9EY+/JSMCVQoJtNmsxxX4edFVkcZD2Cq6oTwszdrqUknwDVgViwAWbKvt
         +cGaZjPzDtGlAehxW6VExeljjPfGe1ry7sNnf8PvPZHJRC4ck+zBvA1+spp7KdSwsz45
         REbSVzzsySwEOtwXRFoR77Sl7pOjrAeSdmjEkJtJFnFY/JTAIaj6WwVJyJOrWRJ9tJqI
         YK0rYQOzYUeHOncvjXD/8/u8QSxnSVi+5GE6ayMrY14hi+UoMJM6NQKebkOAgRLnSA0D
         Olehew/xMD7K3C6NCfgrYMin/gaiHj/DSlJovoPd8Nngp2OqCbSYNZXALk2bvaSwI/Zi
         N9Vg==
X-Gm-Message-State: AFqh2kospvM08tYq9jqEOw3dwELKNtitZKSO1DQePJmXb75Sb19HCrYt
        rhpkta9yie3nykDUqkMdAn+DkO7UqI2S149dnci8KA==
X-Received: by 2002:a5b:309:0:b0:703:e000:287 with SMTP id j9-20020a5b0309000000b00703e0000287mr8176328ybp.171.1673539535959;
 Thu, 12 Jan 2023 08:05:35 -0800 (PST)
MIME-Version: 1.0
References: <20230110191725.22675-1-admin@netgeek.ovh> <20230110191725.22675-2-admin@netgeek.ovh>
In-Reply-To: <20230110191725.22675-2-admin@netgeek.ovh>
From:   Willem de Bruijn <willemb@google.com>
Date:   Thu, 12 Jan 2023 11:04:58 -0500
Message-ID: <CA+FuTSdq5E7GMUghfoXMrs5_muv6VbhFym8DEhw=rAgStuvkQg@mail.gmail.com>
Subject: Re: [PATCH net 2/2] net/af_packet: fix tx skb network header on
 SOCK_RAW sockets over VLAN device
To:     =?UTF-8?Q?Herv=C3=A9_Boisse?= <admin@netgeek.ovh>
Cc:     "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Jakub Kicinski <kuba@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jan 10, 2023 at 2:38 PM Herv=C3=A9 Boisse <admin@netgeek.ovh> wrote=
:
>
> When an application sends a packet on a SOCK_RAW socket over a VLAN devic=
e,
> there is a possibility that the skb network header is incorrectly set.
>
> The issue happens when the device used to send the packet is a VLAN devic=
e
> whose underlying device has no VLAN tx hardware offloading support.
> In that case, the VLAN driver reports a LL header size increased by 4 byt=
es
> to take into account the tag that will be added in software.
>
> However, the socket user has no clue about that and still provides a norm=
al
> LL header without tag.

This is arguably a mistake.

A process using PF_PACKET to write to a device must know the link layer typ=
e.
SOCK_RAW should prepare a header equivalent to dev_hard_header (which
prepares it for SOCK_DGRAM). vlan_dev_hard_header clearly adds both the
Ethernet header and VLAN tag.

If applications assume virtual VLAN device exposes an Ethernet link layer,
then net/8021q/vlan_dev.c needs to expose that, including that hard_header_=
len.


> This results in the network header of the skb being shifted 4 bytes too f=
ar
> in the packet. This shift makes tc classifiers fail as they point to
> incorrect data.
>
> Move network header right after underlying VLAN device LL header size
> without tag, regardless of hardware offloading support. That is, the
> expected LL header size from socket user.
>
> Signed-off-by: Herv=C3=A9 Boisse <admin@netgeek.ovh>
> ---
>  net/packet/af_packet.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
>
> diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
> index c18274f65b17..be892fd498a6 100644
> --- a/net/packet/af_packet.c
> +++ b/net/packet/af_packet.c
> @@ -1933,6 +1933,18 @@ static void packet_parse_headers(struct sk_buff *s=
kb, struct socket *sock)
>                 skb->protocol =3D dev_parse_header_protocol(skb);
>         }
>
> +       /* VLAN device may report bigger LL header size due to reserved r=
oom for
> +        * tag on devices without hardware offloading support
> +        */
> +       if (is_vlan_dev(skb->dev) &&
> +           (sock->type =3D=3D SOCK_RAW || sock->type =3D=3D SOCK_PACKET)=
) {

Let's also try very hard to avoid adding branches in the hot path for
cases this rare.


> +               struct net_device *real_dev =3D vlan_dev_real_dev(skb->de=
v);
> +
> +               depth =3D real_dev->hard_header_len;
> +               if (pskb_may_pull(skb, depth))
> +                       skb_set_network_header(skb, depth);
> +       }
> +
>         /* Move network header to the right position for VLAN tagged pack=
ets */
>         if (likely(skb->dev->type =3D=3D ARPHRD_ETHER) &&
>             eth_type_vlan(skb->protocol) &&
> --
> 2.38.2
>