From patchwork Wed Nov  1 21:10:01 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christoph Paasch <cpaasch@apple.com>
X-Patchwork-Id: 833118
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=apple.com header.i=@apple.com
	header.b="RAhj7tSh"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3yS17f2SNwz9t3v
	for <patchwork-incoming@ozlabs.org>;
	Thu,  2 Nov 2017 08:09:50 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933443AbdKAVJr (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Wed, 1 Nov 2017 17:09:47 -0400
Received: from mail-out2.apple.com ([17.151.62.25]:46287 "EHLO
	mail-in2.apple.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org
	with ESMTP id S933175AbdKAVJn (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 1 Nov 2017 17:09:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s;
	c=relaxed/simple; q=dns/txt; i=@apple.com; t=1509570582;
	h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-Version:Content-Type:
	Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
	List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
	bh=mPH0WLpvNrQEOyW5uWD3a49gTQe1+WIlKYk/ErVTl/o=;
	b=RAhj7tShzlTxd6meNBTLltCehmdWCVBwQDYaf2Cbl6ASB0g/iVdXvgSvApZNP5qm
	Zz18TFZqX0T1wqI/OSqmK9JAlrSw5HA4TMzeW1Dtaqa+MgmBVwkNu8WyeN9Chz3+
	Cy9MP1WkTfDSBkt61tRsntZgm7h17Z1kPRVw3lfd0wb/EOIfzm52gONuKw60Cw7h
	TiqkQjeZlsISqDZUMlgsLoeXCYy9xDyoQZ4xlIkls871RtXQ36vjJ/9gBFLTKs8i
	1fnR5+bkv2DhDJl4cmagvCvKdU4W2PcZi25rViQiJJUG+MroK1eYpYFTPuo24uTI
	eg+HaK6SVeTxHQNfJs4YZg==;
Received: from relay3.apple.com (relay3.apple.com [17.128.113.83])
	(using TLS with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mail-in2.apple.com (Apple Secure Mail Relay) with SMTP id
	A8.DB.22347.6183AF95; Wed,  1 Nov 2017 14:09:42 -0700 (PDT)
X-AuditID: 11973e11-163b19c00000574b-a3-59fa3816299f
Received: from nwk-mmpp-sz12.apple.com (nwk-mmpp-sz12.apple.com
	[17.128.115.204])
	by relay3.apple.com (Apple SCV relay) with SMTP id
	30.CA.23978.6183AF95; Wed,  1 Nov 2017 14:09:42 -0700 (PDT)
Content-transfer-encoding: 7BIT
Received: from localhost ([17.226.23.105]) by nwk-mmpp-sz12.apple.com
	(Oracle Communications Messaging Server 8.0.1.3.20170825 64bit (built
	Aug 25
	2017)) with ESMTPSA id <0OYR00JNRC45Q650@nwk-mmpp-sz12.apple.com>;
	Wed, 01 Nov 2017 14:09:42 -0700 (PDT)
From: Christoph Paasch <cpaasch@apple.com>
To: David Miller <davem@davemloft.net>
Cc: netdev@vger.kernel.org, Eric Dumazet <edumazet@google.com>
Subject: [PATCH net] tcp: Always cleanup skb before sending
Date: Wed, 01 Nov 2017 14:10:01 -0700
Message-id: <20171101211001.57901-1-cpaasch@apple.com>
X-Mailer: git-send-email 2.14.1
X-Brightmail-Tracker: 
 H4sIAAAAAAAAA+NgFvrOJMWRmVeSWpSXmKPExsUi2FAYrCtm8SvS4PZ+S4s551tYLJ4ee8Ru
	cWyBmAOzx5aVN5k8Fmwq9fi8SS6AOYrLJiU1J7MstUjfLoEr49XfBraCLrmKCe+nsTUw3pTo
	YuTkkBAwkXh35gRLFyMXh5DAaiaJ2+9fMsMk9m5oYoVIHGKUePLnM2MXIwcHs4C8xMHzsiA1
	QgKNTBIvXwWC2MICkhLdd+6A9bIJaEm8vd3OCmKLCKhJTDwxASzOLGAnMe34DCaQMcIC1hJb
	P3uAmCwCqhLH2uRAKngFzCR6b1xmhbhAXuLcg9vMIBdICCxhk9h1s4ttAiP/LIQjFjAyrmIU
	yk3MzNHNzDPSSywoyEnVS87P3cQICqnpdoI7GI+vsjrEKMDBqMTDe0D9V6QQa2JZcWXuIUZp
	DhYlcd5n/35GCgmkJ5akZqemFqQWxReV5qQWH2Jk4uCUamCs3JGR/0fd1GPeL4sJ7T+2HZ4+
	MSD5/Uad2XFVDi/6eN9PqmqcO+O+08ZL5nzrNwsqr18eJ/2+enJe3bn30w5W14YcrG086XQq
	yeW/woclNaxf9PcbfNRXfXnmZE624MYQ9cmHDrSKnHH02OX1w5CjwUmK9Z23d59LwmMOv75D
	M6bsi5+WcqZQiaU4I9FQi7moOBEA1ksxOgoCAAA=
X-Brightmail-Tracker: 
 H4sIAAAAAAAAA+NgFjrELMWRmVeSWpSXmKPExsUi2FB8RlfM4lekwdNHZhZzzrewWDw99ojd
	4tgCMQdmjy0rbzJ5LNhU6vF5k1wAc5ShTVp+UXliUYpCUXJBia1ScUZiSn55vKWxkalDYkFB
	Tqpecn6ukr6dTUpqTmZZapG+XYJhxqu/DWwFXXIVE95PY2tgvCnRxcjJISFgIrF3QxNrFyMX
	h5DAIUaJJ38+M3YxcnAwC8hLHDwvC1IjJNDIJPHyVSCILSwgKdF95w4ziM0moCXx9nY7K4gt
	IqAmMfHEBLA4s4CdxLTjM5hAxggLWEts/ewBYrIIqEoca5MDqeAVMJPovXGZFeICeYlzD24z
	T2DkmYWwdwEj4ypGgaLUnMRKYz24jzYxggOqMHgH459lVocYBTgYlXh4JbR+RQqxJpYVV+YC
	PcDBrCTCq64CFOJNSaysSi3Kjy8qzUktPsToA3TCRGYp0eR8YLDnlcQbGlsYW5pYGBiYWJqZ
	4BBWEuctmP8jUkggPbEkNTs1tSC1CGYcEwenVAMjYyVj6tX50zYzzP6WP2GLmF3hpjTHx69W
	+QXZSZ2d5cv2OMQ96YOClcfCtMcsshPKeJPkGKyiOduXv282UHX5OuvbCaMLUR05SuV9M7ck
	b56WMLlLI+iv1OSo2Emr1m9JKXji8PKjfEfhz4lLRNYdq320YJFZs+6u6LNWH7wuRs0K/LZe
	su63Egsw7g21mIuKEwEPI+qEVQIAAA==
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Since commit 971f10eca186 ("tcp: better TCP_SKB_CB layout to reduce cache
line misses") IPCB/IP6CB is no more at the beginning of the tcp_skb_cb.
This means that on the output path, we need to make sure that it has
been correctly initialized to 0, as is done in tcp_transmit_skb.

However, when going through the other code-path in TCP that can send an
skb (e.g., through tcp_v6_send_synack), we end up in a situation where
IP6CB has some of its fields set to unexpected values. Depending on the
layout of tcp_skb_cb across the different kernel-versions this can be
lastopt, flags,...

This patch makes sure that IPCB/IP6CB is always set to 0 before sending.

Cc: Eric Dumazet <edumazet@google.com>
Fixes: 971f10eca186 ("tcp: better TCP_SKB_CB layout to reduce cache line misses")
Signed-off-by: Christoph Paasch <cpaasch@apple.com>
---
 include/net/tcp.h     |  2 ++
 net/ipv4/tcp_ipv4.c   |  6 ++++++
 net/ipv4/tcp_output.c | 20 ++++++++++++--------
 3 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/include/net/tcp.h b/include/net/tcp.h
index e6d0002a1b0b..a375ee8fc534 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -2032,6 +2032,8 @@ static inline void tcp_listendrop(const struct sock *sk)
 
 enum hrtimer_restart tcp_pace_kick(struct hrtimer *timer);
 
+void tcp_skb_cleanup(struct sk_buff *skb);
+
 /*
  * Interface for adding Upper Level Protocols over TCP
  */
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 5b027c69cbc5..db7dd65b1f19 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -709,6 +709,9 @@ static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb)
 
 	arg.tos = ip_hdr(skb)->tos;
 	arg.uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
+
+	tcp_skb_cleanup(skb);
+
 	local_bh_disable();
 	ip_send_unicast_reply(*this_cpu_ptr(net->ipv4.tcp_sk),
 			      skb, &TCP_SKB_CB(skb)->header.h4.opt,
@@ -795,6 +798,9 @@ static void tcp_v4_send_ack(const struct sock *sk,
 		arg.bound_dev_if = oif;
 	arg.tos = tos;
 	arg.uid = sock_net_uid(net, sk_fullsock(sk) ? sk : NULL);
+
+	tcp_skb_cleanup(skb);
+
 	local_bh_disable();
 	ip_send_unicast_reply(*this_cpu_ptr(net->ipv4.tcp_sk),
 			      skb, &TCP_SKB_CB(skb)->header.h4.opt,
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 823003eef3a2..6935a68d449b 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -973,6 +973,16 @@ static void tcp_internal_pacing(struct sock *sk, const struct sk_buff *skb)
 		      HRTIMER_MODE_ABS_PINNED);
 }
 
+void tcp_skb_cleanup(struct sk_buff *skb)
+{
+	/* Our usage of tstamp should remain private */
+	skb->tstamp = 0;
+
+	/* Cleanup our debris for IP stacks */
+	memset(skb->cb, 0, max(sizeof(struct inet_skb_parm),
+			       sizeof(struct inet6_skb_parm)));
+}
+
 /* This routine actually transmits TCP packets queued in by
  * tcp_do_sendmsg().  This is used by both the initial
  * transmission and possible later retransmissions.
@@ -1115,12 +1125,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
 	skb_shinfo(skb)->gso_segs = tcp_skb_pcount(skb);
 	skb_shinfo(skb)->gso_size = tcp_skb_mss(skb);
 
-	/* Our usage of tstamp should remain private */
-	skb->tstamp = 0;
-
-	/* Cleanup our debris for IP stacks */
-	memset(skb->cb, 0, max(sizeof(struct inet_skb_parm),
-			       sizeof(struct inet6_skb_parm)));
+	tcp_skb_cleanup(skb);
 
 	err = icsk->icsk_af_ops->queue_xmit(sk, skb, &inet->cork.fl);
 
@@ -3204,8 +3209,7 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst,
 	rcu_read_unlock();
 #endif
 
-	/* Do not fool tcpdump (if any), clean our debris */
-	skb->tstamp = 0;
+	tcp_skb_cleanup(skb);
 	return skb;
 }
 EXPORT_SYMBOL(tcp_make_synack);