[07/12] flow_dissector: Parse vxlan in UDP

Message ID	20240731172332.683815-8-tom@herbertland.com (mailing list archive)
State	Changes Requested
Delegated to:	Netdev Maintainers
Headers	show Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 829891DFE4 for <netdev@vger.kernel.org>; Wed, 31 Jul 2024 17:24:01 +0000 (UTC) From: Tom Herbert <tom@herbertland.com> To: davem@davemloft.net, kuba@kernel.org, edumazet@google.com, netdev@vger.kernel.org, felipe@sipanda.io Cc: Tom Herbert <tom@herbertland.com> Subject: [PATCH 07/12] flow_dissector: Parse vxlan in UDP Date: Wed, 31 Jul 2024 10:23:27 -0700 Message-Id: <20240731172332.683815-8-tom@herbertland.com> In-Reply-To: <20240731172332.683815-1-tom@herbertland.com> References: <20240731172332.683815-1-tom@herbertland.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	flow_dissector: Dissect UDP encapsulation protocols \| expand [00/12] flow_dissector: Dissect UDP encapsulation protocols [01/12] skbuff: Unconstantify struct net argument in flowdis functions [02/12] flow_dissector: Parse ETH_P_TEB [03/12] flow_dissector: Move ETH_P_TEB out of GRE [04/12] udp_encaps: Add new UDP_ENCAP constants [05/12] udp_encaps: Set proper UDP_ENCAP types in tunnel setup [06/12] flow_dissector: UDP encap infrastructure [07/12] flow_dissector: Parse vxlan in UDP [08/12] flow_dissector: Parse foo-over-udp (FOU) [09/12] flow_dissector: Parse ESP, L2TP, and SCTP in UDP [10/12] flow_dissector: Parse Geneve in UDP [11/12] flow_dissector: Parse GUE in UDP [12/12] flow_dissector: Parse gtp in UDP

Message ID

20240731172332.683815-8-tom@herbertland.com (mailing list archive)

State

Changes Requested

Delegated to:

Netdev Maintainers

Headers

From: Tom Herbert <tom@herbertland.com>
To: davem@davemloft.net,
	kuba@kernel.org,
	edumazet@google.com,
	netdev@vger.kernel.org,
	felipe@sipanda.io
Cc: Tom Herbert <tom@herbertland.com>
Subject: [PATCH 07/12] flow_dissector: Parse vxlan in UDP
Date: Wed, 31 Jul 2024 10:23:27 -0700
Message-Id: <20240731172332.683815-8-tom@herbertland.com>
In-Reply-To: <20240731172332.683815-1-tom@herbertland.com>
References: <20240731172332.683815-1-tom@herbertland.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

flow_dissector: Dissect UDP encapsulation protocols | expand

Context	Check	Description
netdev/series_format	success	Posting correctly formatted
netdev/tree_selection	success	Guessed tree name to be net-next, async
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	fail	Errors and warnings before: 46 this patch: 46
netdev/build_tools	success	No tools touched, skip
netdev/cc_maintainers	warning	1 maintainers not CCed: pabeni@redhat.com
netdev/build_clang	fail	Errors and warnings before: 48 this patch: 48
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	fail	Errors and warnings before: 48 this patch: 49
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 76 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 3 this patch: 3
netdev/source_inline	success	Was 0 now: 0

Context

Check

Description

netdev/series_format

success

Posting correctly formatted

netdev/tree_selection

success

Guessed tree name to be net-next, async

netdev/ynl

success

Generated files up to date; no warnings/errors; no diff in generated;

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

fail

Errors and warnings before: 46 this patch: 46

netdev/build_tools

success

No tools touched, skip

netdev/cc_maintainers

warning

1 maintainers not CCed: pabeni@redhat.com

netdev/build_clang

fail

Errors and warnings before: 48 this patch: 48

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/deprecated_api

success

None detected

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

fail

Errors and warnings before: 48 this patch: 49

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 76 lines checked

netdev/build_clang_rust

success

No Rust files in patch. Skipping build

netdev/kdoc

success

Errors and warnings before: 3 this patch: 3

netdev/source_inline

success

Was 0 now: 0

Comments

Simon Horman Aug. 1, 2024, 6:22 p.m. UTC | #1

On Wed, Jul 31, 2024 at 10:23:27AM -0700, Tom Herbert wrote:
> Parse vxlan in a UDP encapsulation
> 
> Signed-off-by: Tom Herbert <tom@herbertland.com>
> ---
>  net/core/flow_dissector.c | 57 +++++++++++++++++++++++++++++++++++++++
>  1 file changed, 57 insertions(+)
> 
> diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c

...

> @@ -756,6 +758,55 @@ __skb_flow_dissect_gre(const struct sk_buff *skb,
>  	return FLOW_DISSECT_RET_PROTO_AGAIN;
>  }
>  
> +static enum flow_dissect_ret
> +__skb_flow_dissect_vxlan(const struct sk_buff *skb,
> +			 struct flow_dissector *flow_dissector,
> +			 void *target_container, const void *data,
> +			 __be16 *p_proto, int *p_nhoff, int hlen,
> +			 unsigned int flags)
> +{
> +	struct vxlanhdr *hdr, _hdr;
> +	__be16 protocol;
> +
> +	hdr = __skb_header_pointer(skb, *p_nhoff, sizeof(_hdr), data, hlen,
> +				   &_hdr);
> +	if (!hdr)
> +		return FLOW_DISSECT_RET_OUT_BAD;
> +
> +	/* VNI flag always required to be set */
> +	if (!(hdr->vx_flags & VXLAN_HF_VNI))
> +		return FLOW_DISSECT_RET_OUT_BAD;
> +
> +	if (hdr->vx_flags & VXLAN_F_GPE) {

Hi Tom,

Sparse flags an byte-order miss match on the line above.
I expect this would resolve it (completely untested!):

	if (hdr->vx_flags & cpu_to_be32(VXLAN_F_GPE))

...

kernel test robot Aug. 3, 2024, 3:26 a.m. UTC | #2

Hi Tom,

kernel test robot noticed the following build warnings:

[auto build test WARNING on net-next/main]
[also build test WARNING on net/main linus/master v6.11-rc1 next-20240802]
[cannot apply to horms-ipvs/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Tom-Herbert/skbuff-Unconstantify-struct-net-argument-in-flowdis-functions/20240802-084418
base:   net-next/main
patch link:    https://lore.kernel.org/r/20240731172332.683815-8-tom%40herbertland.com
patch subject: [PATCH 07/12] flow_dissector: Parse vxlan in UDP
config: i386-randconfig-062-20240802 (https://download.01.org/0day-ci/archive/20240803/202408031144.ln4wxJc4-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240803/202408031144.ln4wxJc4-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202408031144.ln4wxJc4-lkp@intel.com/

sparse warnings: (new ones prefixed by >>)
>> net/core/flow_dissector.c:780:16: sparse: sparse: restricted __be32 degrades to integer
   net/core/flow_dissector.c: note: in included file (through include/linux/if_pppox.h):
   include/uapi/linux/if_pppox.h:153:29: sparse: sparse: array of flexible structures

vim +780 net/core/flow_dissector.c

   760	
   761	static enum flow_dissect_ret
   762	__skb_flow_dissect_vxlan(const struct sk_buff *skb,
   763				 struct flow_dissector *flow_dissector,
   764				 void *target_container, const void *data,
   765				 __be16 *p_proto, int *p_nhoff, int hlen,
   766				 unsigned int flags)
   767	{
   768		struct vxlanhdr *hdr, _hdr;
   769		__be16 protocol;
   770	
   771		hdr = __skb_header_pointer(skb, *p_nhoff, sizeof(_hdr), data, hlen,
   772					   &_hdr);
   773		if (!hdr)
   774			return FLOW_DISSECT_RET_OUT_BAD;
   775	
   776		/* VNI flag always required to be set */
   777		if (!(hdr->vx_flags & VXLAN_HF_VNI))
   778			return FLOW_DISSECT_RET_OUT_BAD;
   779	
 > 780		if (hdr->vx_flags & VXLAN_F_GPE) {
   781			struct vxlanhdr_gpe *gpe = (struct vxlanhdr_gpe *)hdr;
   782	
   783			/* Need to have Next Protocol set for interfaces in GPE mode. */
   784			if (!gpe->np_applied)
   785				return FLOW_DISSECT_RET_OUT_BAD;
   786	
   787			/* The initial version is 0 */
   788			if (gpe->version != 0)
   789				return FLOW_DISSECT_RET_OUT_GOOD;
   790	
   791			/* "When the O bit is set to 1, the packet is an OAM packet and
   792			 * OAM so ignore
   793			 */
   794			if (gpe->oam_flag)
   795				return FLOW_DISSECT_RET_OUT_GOOD;
   796	
   797			protocol = tun_p_to_eth_p(gpe->next_protocol);
   798			if (!protocol)
   799				return FLOW_DISSECT_RET_OUT_GOOD;
   800		} else {
   801			protocol = htons(ETH_P_TEB);
   802		}
   803	
   804		*p_nhoff += sizeof(struct vxlanhdr);
   805		*p_proto = protocol;
   806	
   807		return FLOW_DISSECT_RET_PROTO_AGAIN;
   808	}
   809

diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
index 006db3b893d0..6ad45b09dda4 100644
--- a/net/core/flow_dissector.c
+++ b/net/core/flow_dissector.c
@@ -13,7 +13,9 @@ 
 #include <net/gre.h>
 #include <net/pptp.h>
 #include <net/tipc.h>
+#include <net/tun_proto.h>
 #include <net/udp.h>
+#include <net/vxlan.h>
 #include <linux/igmp.h>
 #include <linux/icmp.h>
 #include <linux/sctp.h>
@@ -756,6 +758,55 @@  __skb_flow_dissect_gre(const struct sk_buff *skb,
 	return FLOW_DISSECT_RET_PROTO_AGAIN;
 }
 
+static enum flow_dissect_ret
+__skb_flow_dissect_vxlan(const struct sk_buff *skb,
+			 struct flow_dissector *flow_dissector,
+			 void *target_container, const void *data,
+			 __be16 *p_proto, int *p_nhoff, int hlen,
+			 unsigned int flags)
+{
+	struct vxlanhdr *hdr, _hdr;
+	__be16 protocol;
+
+	hdr = __skb_header_pointer(skb, *p_nhoff, sizeof(_hdr), data, hlen,
+				   &_hdr);
+	if (!hdr)
+		return FLOW_DISSECT_RET_OUT_BAD;
+
+	/* VNI flag always required to be set */
+	if (!(hdr->vx_flags & VXLAN_HF_VNI))
+		return FLOW_DISSECT_RET_OUT_BAD;
+
+	if (hdr->vx_flags & VXLAN_F_GPE) {
+		struct vxlanhdr_gpe *gpe = (struct vxlanhdr_gpe *)hdr;
+
+		/* Need to have Next Protocol set for interfaces in GPE mode. */
+		if (!gpe->np_applied)
+			return FLOW_DISSECT_RET_OUT_BAD;
+
+		/* The initial version is 0 */
+		if (gpe->version != 0)
+			return FLOW_DISSECT_RET_OUT_GOOD;
+
+		/* "When the O bit is set to 1, the packet is an OAM packet and
+		 * OAM so ignore
+		 */
+		if (gpe->oam_flag)
+			return FLOW_DISSECT_RET_OUT_GOOD;
+
+		protocol = tun_p_to_eth_p(gpe->next_protocol);
+		if (!protocol)
+			return FLOW_DISSECT_RET_OUT_GOOD;
+	} else {
+		protocol = htons(ETH_P_TEB);
+	}
+
+	*p_nhoff += sizeof(struct vxlanhdr);
+	*p_proto = protocol;
+
+	return FLOW_DISSECT_RET_PROTO_AGAIN;
+}
+
 /**
  * __skb_flow_dissect_batadv() - dissect batman-adv header
  * @skb: sk_buff to with the batman-adv header
@@ -893,6 +944,12 @@  __skb_flow_dissect_udp(const struct sk_buff *skb, struct net *net,
 	ret = FLOW_DISSECT_RET_OUT_GOOD;
 
 	switch (encap_type) {
+	case UDP_ENCAP_VXLAN:
+	case UDP_ENCAP_VXLAN_GPE:
+		ret = __skb_flow_dissect_vxlan(skb, flow_dissector,
+					       target_container, data,
+					       p_proto, &nhoff, hlen, flags);
+		break;
 	default:
 		break;
 	}

[07/12] flow_dissector: Parse vxlan in UDP

Checks

Commit Message

Comments

Patch