From patchwork Fri Mar 20 15:42:48 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Robert Shearman X-Patchwork-Id: 452693 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 0287814019D for ; Sat, 21 Mar 2015 02:44:17 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751560AbbCTPoM (ORCPT ); Fri, 20 Mar 2015 11:44:12 -0400 Received: from mx0a-000f0801.pphosted.com ([67.231.144.122]:38914 "EHLO mx0a-000f0801.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750823AbbCTPoK (ORCPT ); Fri, 20 Mar 2015 11:44:10 -0400 Received: from pps.filterd (m0000542.ppops.net [127.0.0.1]) by mx0a-000f0801.pphosted.com (8.14.7/8.14.7) with SMTP id t2KF3M8M007366; Fri, 20 Mar 2015 08:44:06 -0700 Received: from hq1wp-exchub02.corp.brocade.com ([144.49.131.13]) by mx0a-000f0801.pphosted.com with ESMTP id 1t8nek8434-3 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 20 Mar 2015 08:44:06 -0700 Received: from BRMWP-EXCHUB02.corp.brocade.com (172.16.187.99) by HQ1WP-EXCHUB02.corp.brocade.com (10.70.38.101) with Microsoft SMTP Server (TLS) id 14.3.123.3; Fri, 20 Mar 2015 08:44:04 -0700 Received: from BRMWP-EXMB11.corp.brocade.com (172.16.59.77) by BRMWP-EXCHUB02.corp.brocade.com (172.16.187.99) with Microsoft SMTP Server (TLS) id 14.3.123.3; Fri, 20 Mar 2015 09:44:00 -0600 Received: from EMEAWP-CASH01.corp.brocade.com (172.29.18.10) by BRMWP-EXMB11.corp.brocade.com (172.16.59.77) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Fri, 20 Mar 2015 09:44:00 -0600 Received: from BRA-2XN4P12.brocade.com (10.72.36.3) by imapeu.brocade.com (172.29.18.15) with Microsoft SMTP Server (TLS) id 8.3.298.1; Fri, 20 Mar 2015 16:43:57 +0100 From: Robert Shearman To: CC: , Robert Shearman , "Eric W. Biederman" Subject: [PATCH net-next v2 3/5] mpls: Differentiate implicit-null and unlabeled neighbours Date: Fri, 20 Mar 2015 15:42:48 +0000 Message-ID: <1426866170-28739-4-git-send-email-rshearma@brocade.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1426866170-28739-1-git-send-email-rshearma@brocade.com> References: <1426800772-22378-1-git-send-email-rshearma@brocade.com> <1426866170-28739-1-git-send-email-rshearma@brocade.com> MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.13.68, 1.0.33, 0.0.0000 definitions=2015-03-05_07:2015-03-05, 2015-03-05, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1503050223 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The control plane can advertise labels for neighbours that don't have an outgoing label. RFC 3032 s3.22 states that either the remaining labels should be popped (if the control plane can determine that it's safe to do so, which in light of MPLS-VPN, RFC 4364, is never the case now) or that the packet should be discarded. Therefore, if the peer is unlabeled and the last label wasn't popped then drop the packet. The peer being unlabeled is signalled by an empty label stack. However, implicit-null still needs to be supported (i.e. penultimate hop popping) where the incoming label is popped and no labels are put on and the packet can still go out labeled with the unpopped part of the stack. This is achieved by the control plane specifying a label stack consisting of the single special implicit-null value. Cc: "Eric W. Biederman" Signed-off-by: Robert Shearman --- net/mpls/af_mpls.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c index bf3459a..e3586a7 100644 --- a/net/mpls/af_mpls.c +++ b/net/mpls/af_mpls.c @@ -28,7 +28,8 @@ struct mpls_route { /* next hop label forwarding entry */ struct rcu_head rt_rcu; u32 rt_label[MAX_NEW_LABELS]; u8 rt_protocol; /* routing protocol that set this entry */ - u8 rt_labels; + u8 rt_unlabeled : 1; + u8 rt_labels : 7; u8 rt_via_alen; u8 rt_via_table; u8 rt_via[0]; @@ -201,6 +202,11 @@ static int mpls_forward(struct sk_buff *skb, struct net_device *dev, if (unlikely(!new_header_size && dec.bos)) { if (!mpls_egress(rt, skb, dec)) goto drop; + } else if (rt->rt_unlabeled) { + /* Labeled traffic destined to unlabeled peer should + * be discarded + */ + goto drop; } else { bool bos; int i; @@ -385,9 +391,16 @@ static int mpls_route_add(struct mpls_route_config *cfg) if (!rt) goto errout; - rt->rt_labels = cfg->rc_output_labels; - for (i = 0; i < rt->rt_labels; i++) - rt->rt_label[i] = cfg->rc_output_label[i]; + if (cfg->rc_output_labels == 1 && + cfg->rc_output_label[0] == LABEL_IMPLICIT_NULL) { + rt->rt_labels = 0; + } else { + rt->rt_labels = cfg->rc_output_labels; + for (i = 0; i < rt->rt_labels; i++) + rt->rt_label[i] = cfg->rc_output_label[i]; + if (!rt->rt_labels) + rt->rt_unlabeled = true; + } rt->rt_protocol = cfg->rc_protocol; RCU_INIT_POINTER(rt->rt_dev, dev); rt->rt_via_table = cfg->rc_via_table;