From patchwork Thu Jul 26 14:40:26 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Toshiaki Makita <toshiaki.makita1@gmail.com>
X-Patchwork-Id: 949756
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="kpZt/RUF"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 41bvsy06clz9rxx
	for <patchwork-incoming-netdev@ozlabs.org>;
	Fri, 27 Jul 2018 00:41:10 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1730827AbeGZP6S (ORCPT
	<rfc822;patchwork-incoming-netdev@ozlabs.org>);
	Thu, 26 Jul 2018 11:58:18 -0400
Received: from mail-pf1-f194.google.com ([209.85.210.194]:45109 "EHLO
	mail-pf1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1729385AbeGZP6S (ORCPT
	<rfc822;netdev@vger.kernel.org>); Thu, 26 Jul 2018 11:58:18 -0400
Received: by mail-pf1-f194.google.com with SMTP id i26-v6so653540pfo.12
	for <netdev@vger.kernel.org>; Thu, 26 Jul 2018 07:41:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=QPcPsrdx+/eXIjWNkILeDqmC5vtHGQBTdML3+OfVlrc=;
	b=kpZt/RUFK9TbDG8yYA+FdTIDh2v5SozsVrlRjTa5wfgI7orKVNoVNgGEcUZKOMt4mh
	WT6p073in86eH70/R/ZvdZ/rCRssB20gKQj8EbrbQhUzBFNmQjXF+vBNa0DbJJVvJOIY
	2/+u7YWcD+6teGab6rrOInc7LtnUvfeIt19pzdkgRFWA9S1Y6I1jIhR75qCyiH9Ox12G
	hYriiVaXSAPAt000EWOmnQohymFghIwDo7iyyF6gpc+smqzHMtlu3Ou5SDDDjcCBoRMh
	JOJCLb4CKne5lhKipvFu6pPmawKlmBrbPwz7injLgLCfjOK02IfcipwDr607IkarDL3s
	9iJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=QPcPsrdx+/eXIjWNkILeDqmC5vtHGQBTdML3+OfVlrc=;
	b=LUVo/JJoxdiHxoNpjffIX3NlnZgAJu+t1pHHUad1iWGi50m4JZzr0yTrU/nREa4BLQ
	7QIcXLMoBZm4DfNpAWgGNK0uiu9vuIK4kOO1wO3Vqv3xhmTmAxljSf4UavX/VR6QshDg
	XcN46Qu65Pxh9OVetbLSDsGkP5AJXrVGw9m6Xv/G0SAa2EM+/BmbwQxBEaybgrbSy6oO
	32eQ6TmIzeqRloXkPACmLcFOVjnVKRo3JbPbXawn0LiK0deM5XbjDYlOUr3fWTEhvAx0
	h/Hi7mosjjKjZua7uxptUCCM/nIC9dPsGFmssp3LWKgUsvRQoE1UK6Ggo3BZFvDDYCG/
	foug==
X-Gm-Message-State: AOUpUlHgmy2h83xXoATR/cZ8ZHMBWwusgdt23JqypZh4RoQCfShvUxuV
	h1dJmMgf8VvT0DyL3B41zVeWb4p2
X-Google-Smtp-Source: 
 AAOMgpc1CvA+RqwwFW5t1I3sBpYlRSw31A1gCChL9rbjMC6mo3bxVL7vN9OH/oeYFVJ40Jzy5K6uQA==
X-Received: by 2002:a63:214f:: with SMTP id
	s15-v6mr2189673pgm.267.1532616067532;
	Thu, 26 Jul 2018 07:41:07 -0700 (PDT)
Received: from localhost.localdomain (i153-145-22-9.s42.a013.ap.plala.or.jp.
	[153.145.22.9]) by smtp.gmail.com with ESMTPSA id
	p3-v6sm2649982pfo.130.2018.07.26.07.41.04
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Thu, 26 Jul 2018 07:41:06 -0700 (PDT)
From: Toshiaki Makita <toshiaki.makita1@gmail.com>
To: netdev@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>
Cc: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>,
	Jesper Dangaard Brouer <brouer@redhat.com>,
	Jakub Kicinski <jakub.kicinski@netronome.com>
Subject: [PATCH v5 bpf-next 3/9] veth: Avoid drops by oversized packets when
	XDP is enabled
Date: Thu, 26 Jul 2018 23:40:26 +0900
Message-Id: <20180726144032.2116-4-toshiaki.makita1@gmail.com>
X-Mailer: git-send-email 2.14.3
In-Reply-To: <20180726144032.2116-1-toshiaki.makita1@gmail.com>
References: <20180726144032.2116-1-toshiaki.makita1@gmail.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>

All oversized packets including GSO packets are dropped if XDP is
enabled on receiver side, so don't send such packets from peer.

Drop TSO and SCTP fragmentation features so that veth devices themselves
segment packets with XDP enabled. Also cap MTU accordingly.

v4:
- Don't auto-adjust MTU but cap max MTU.

Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
---
 drivers/net/veth.c | 47 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

diff --git a/drivers/net/veth.c b/drivers/net/veth.c
index 78fa08cb6e24..1b4006d3df32 100644
--- a/drivers/net/veth.c
+++ b/drivers/net/veth.c
@@ -542,6 +542,23 @@ static int veth_get_iflink(const struct net_device *dev)
 	return iflink;
 }
 
+static netdev_features_t veth_fix_features(struct net_device *dev,
+					   netdev_features_t features)
+{
+	struct veth_priv *priv = netdev_priv(dev);
+	struct net_device *peer;
+
+	peer = rtnl_dereference(priv->peer);
+	if (peer) {
+		struct veth_priv *peer_priv = netdev_priv(peer);
+
+		if (peer_priv->_xdp_prog)
+			features &= ~NETIF_F_GSO_SOFTWARE;
+	}
+
+	return features;
+}
+
 static void veth_set_rx_headroom(struct net_device *dev, int new_hr)
 {
 	struct veth_priv *peer_priv, *priv = netdev_priv(dev);
@@ -571,6 +588,7 @@ static int veth_xdp_set(struct net_device *dev, struct bpf_prog *prog,
 	struct veth_priv *priv = netdev_priv(dev);
 	struct bpf_prog *old_prog;
 	struct net_device *peer;
+	unsigned int max_mtu;
 	int err;
 
 	old_prog = priv->_xdp_prog;
@@ -584,6 +602,15 @@ static int veth_xdp_set(struct net_device *dev, struct bpf_prog *prog,
 			goto err;
 		}
 
+		max_mtu = PAGE_SIZE - VETH_XDP_HEADROOM -
+			  peer->hard_header_len -
+			  SKB_DATA_ALIGN(sizeof(struct skb_shared_info));
+		if (peer->mtu > max_mtu) {
+			NL_SET_ERR_MSG_MOD(extack, "Peer MTU is too large to set XDP");
+			err = -ERANGE;
+			goto err;
+		}
+
 		if (dev->flags & IFF_UP) {
 			err = veth_enable_xdp(dev);
 			if (err) {
@@ -591,14 +618,29 @@ static int veth_xdp_set(struct net_device *dev, struct bpf_prog *prog,
 				goto err;
 			}
 		}
+
+		if (!old_prog) {
+			peer->hw_features &= ~NETIF_F_GSO_SOFTWARE;
+			peer->max_mtu = max_mtu;
+		}
 	}
 
 	if (old_prog) {
-		if (!prog && dev->flags & IFF_UP)
-			veth_disable_xdp(dev);
+		if (!prog) {
+			if (dev->flags & IFF_UP)
+				veth_disable_xdp(dev);
+
+			if (peer) {
+				peer->hw_features |= NETIF_F_GSO_SOFTWARE;
+				peer->max_mtu = ETH_MAX_MTU;
+			}
+		}
 		bpf_prog_put(old_prog);
 	}
 
+	if ((!!old_prog ^ !!prog) && peer)
+		netdev_update_features(peer);
+
 	return 0;
 err:
 	priv->_xdp_prog = old_prog;
@@ -643,6 +685,7 @@ static const struct net_device_ops veth_netdev_ops = {
 	.ndo_poll_controller	= veth_poll_controller,
 #endif
 	.ndo_get_iflink		= veth_get_iflink,
+	.ndo_fix_features	= veth_fix_features,
 	.ndo_features_check	= passthru_features_check,
 	.ndo_set_rx_headroom	= veth_set_rx_headroom,
 	.ndo_bpf		= veth_xdp,