Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 682B4C6FD1C for ; Tue, 14 Mar 2023 09:55:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229582AbjCNJzY (ORCPT ); Tue, 14 Mar 2023 05:55:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60198 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229516AbjCNJzW (ORCPT ); Tue, 14 Mar 2023 05:55:22 -0400 Received: from mail-ua1-x936.google.com (mail-ua1-x936.google.com [IPv6:2607:f8b0:4864:20::936]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B678763CD; Tue, 14 Mar 2023 02:55:20 -0700 (PDT) Received: by mail-ua1-x936.google.com with SMTP id ay14so3624688uab.13; Tue, 14 Mar 2023 02:55:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678787719; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=0Il9aSYFgvyC+QVRpoSnFZREA4Z/90xca38uXI7ssx4=; b=BlgOw0/01AaBqF4PBzqRb/yWW8lU9q25ndV1l+QuScHpAkN7rAsPaRoQUtQdvC7Ua8 D3ch+bOhUiZ49p0QsJK8wdz1/i4RL3Mu2JzVuBj/oZ3bpdA0UJYjds2MsF8YViyzJDAJ RshGQkpSPISDwgMT9up973C4JEimUoC4CS3rLrRjqJN3caI91vd31shRXIhW9lG+qEnz 8Q3eJx4vKGCM9de8y0EcjZb3oZ3BxCHdodZlkhPrxGHpHpfFBeQK9ih7YXylguCE2yde F/CKD0LsFDoLgkPc1S7Mqb6sh5LM87CT5wFSQeai35PPQxXfPL/SnA429hlul+CjF+XZ Mlrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678787719; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0Il9aSYFgvyC+QVRpoSnFZREA4Z/90xca38uXI7ssx4=; b=YGSBQtGXUQTxxU9JCQxex9t09fYVE4ndosamj4LvZpaFtTWO8ygA36/QrHN2Yn8DCw OX9t7e+98ft6GuLieoR6pkFV22ZdwWhZp+NusTiCvIOJRERhvcEfuVvBkcUafeO/aILX fC9XynYtHvl9ezk7JlO9kE86QyhV0IAXkYW85h+ew+Kj0lhOc9zUXQn1ciGvUfX1+5K4 uvL8G4WpXuMRblmvNoEv+IL6OG1Mg+qdutDcAQoi464ft3mjoHRpqVTpVRqWOP1/fErt n8QqmB3ThTe8Hbq94LsGg6Gc0SPtKro/Is0GxjuxWJqWgCnjS4bDka61cuuBf92XJ2zS 8dhA== X-Gm-Message-State: AO0yUKVOJH44gvJcmzdwJ2upY389iAGOzz6oMpLlfOFJ/VL7CaTKl3Xr kgnS02mzbRT4+qN6VHJXYWiFzEUQbLRyizxibHk= X-Google-Smtp-Source: AK7set/6MKWlYVJvaeh02CQeRyORxAEuEoedzIGcjVDrdsjiQrC3m8yxILNOPoyMBLBiQgoIWG1KVoPTUJFEuhsMIPE= X-Received: by 2002:a05:6122:1424:b0:432:3ef:c8be with SMTP id o4-20020a056122142400b0043203efc8bemr3494988vkp.3.1678787719334; Tue, 14 Mar 2023 02:55:19 -0700 (PDT) MIME-Version: 1.0 References: <20230312163726.55257-1-josef@miegl.cz> <57238dfc519a27b1b8d604879caa7b1b@miegl.cz> In-Reply-To: From: Eyal Birger Date: Tue, 14 Mar 2023 11:55:07 +0200 Message-ID: Subject: Re: [PATCH net-next] net: geneve: accept every ethertype To: Simon Horman Cc: Josef Miegl , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Pravin B Shelar Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Mon, Mar 13, 2023 at 8:35=E2=80=AFPM Simon Horman wrote: > > On Mon, Mar 13, 2023 at 05:14:58PM +0000, Josef Miegl wrote: > > March 13, 2023 5:48 PM, "Simon Horman" wrot= e: > > > > > +Pravin > > > > > > On Sun, Mar 12, 2023 at 05:37:26PM +0100, Josef Miegl wrote: > > > > > >> The Geneve encapsulation, as defined in RFC 8926, has a Protocol Typ= e > > >> field, which states the Ethertype of the payload appearing after the > > >> Geneve header. > > >> > > >> Commit 435fe1c0c1f7 ("net: geneve: support IPv4/IPv6 as inner protoc= ol") > > >> introduced a new IFLA_GENEVE_INNER_PROTO_INHERIT flag that allowed t= he > > >> use of other Ethertypes than Ethernet. However, it imposed a restric= tion > > >> that prohibits receiving payloads other than IPv4, IPv6 and Ethernet= . > > >> > > >> This patch removes this restriction, making it possible to receive a= ny > > >> Ethertype as a payload, if the IFLA_GENEVE_INNER_PROTO_INHERIT flag = is > > >> set. > > >> > > >> This is especially useful if one wants to encapsulate MPLS, because = with > > >> this patch the control-plane traffic (IP, IS-IS) and the data-plane > > >> traffic (MPLS) can be encapsulated without an Ethernet frame, making > > >> lightweight overlay networks a possibility. > > > > > > Hi Josef, > > > > > > I could be mistaken. But I believe that the thinking at the time, > > > was based on the idea that it was better to only allow protocols that > > > were known to work. And allow more as time goes on. > > > > Thanks for the reply Simon! > > > > What does "known to work" mean? Protocols that the net stack handles wi= ll > > work, protocols that Linux doesn't handle will not. > > Yes, a good question. But perhaps it was more "known to have been tested"= . > > > > Perhaps we have moved away from that thinking (I have no strong feeli= ng > > > either way). Or perhaps this is safe because of some other guard. But= if > > > not perhaps it is better to add the MPLS ethertype(s) to the if claus= e > > > rather than remove it. > > > > The thing is it is not just adding one ethertype. For my own use-case, > > I would need to whitelist MPLS UC and 0x00fe for IS-IS. But I am sure > > other people will want to use GENEVE` for xx other protocols. > > Right, so the list could be expanded for known cases. > But I also understand your point, > which I might describe as this adding friction. > > > The protocol handling seems to work, what I am not sure about is if > > allowing all Ethertypes has any security implications. However, if thes= e > > implications exist, safeguarding should be done somewhere down the stoc= k. > > Yes, I believe that the idea was to limit the scope of such risks. > (Really, it was a long time ago, so I very likely don't recall everything= .) Digging a little into the history of this code I found this discussion [1] where this specific point was raised: >> + if (unlikely(geneveh->proto_type !=3D htons(ETH_P_TEB))) > > Why? I thought the point of geneve carrying protocol field was to > allow protocols other than Ethernet... is this temporary maybe? Yes, it is temporary. Currently OVS only handles Ethernet packets but this restriction can be lifted once we have a consumer that is capable of handling other protocols. This seems to have been ported as is when moving to a generic net device. So now that the consumer is capable of other protocols, the question is whether the restrictions should be lifted for any protocol or moderately. I went with the moderate approach when adding IP support, but I do see the merits in allowing any protocol without having to fiddle with this code. https://www.spinics.net/lists/netdev/msg290579.html