From patchwork Tue Mar 22 10:53:18 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffen Klassert X-Patchwork-Id: 8640111 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: X-Original-To: patchwork-linux-crypto@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id A58C3C0553 for ; Tue, 22 Mar 2016 10:55:06 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 8B46C2038A for ; Tue, 22 Mar 2016 10:55:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 2AAFD20390 for ; Tue, 22 Mar 2016 10:55:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759136AbcCVKy7 (ORCPT ); Tue, 22 Mar 2016 06:54:59 -0400 Received: from a.mx.secunet.com ([62.96.220.36]:45280 "EHLO a.mx.secunet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759170AbcCVKx2 (ORCPT ); Tue, 22 Mar 2016 06:53:28 -0400 Received: from localhost (alg1 [127.0.0.1]) by a.mx.secunet.com (Postfix) with ESMTP id 17A631A049A; Tue, 22 Mar 2016 11:53:21 +0100 (CET) X-Virus-Scanned: by secunet Received: from a.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id NNWOJv15heHs; Tue, 22 Mar 2016 11:53:19 +0100 (CET) Received: from mail-essen-01.secunet.de (unknown [10.53.40.204]) by a.mx.secunet.com (Postfix) with ESMTP id E15FC1A0497; Tue, 22 Mar 2016 11:53:19 +0100 (CET) Received: from gauss.dd.secunet.de (10.182.7.102) by mail-essen-01.secunet.de (10.53.40.204) with Microsoft SMTP Server id 14.3.279.2; Tue, 22 Mar 2016 11:53:19 +0100 Received: by gauss.dd.secunet.de (Postfix, from userid 1000) id 10B7E5C060A; Tue, 22 Mar 2016 11:53:18 +0100 (CET) Date: Tue, 22 Mar 2016 11:53:18 +0100 From: Steffen Klassert To: Mark McKinstry CC: "linux-crypto@vger.kernel.org" , "alexander.h.duyck@redhat.com" , "herbert@gondor.apana.org.au" , "davem@davemloft.net" Subject: Re: [PATCH] vti6: Add pmtu handling to vti6_xmit. Message-ID: <20160322105318.GS3347@gauss.secunet.com> References: <20150529182709.2147.78230.stgit@ahduyck-vm-fedora22> <56BA975D.2040706@alliedtelesis.co.nz> <20160217070805.GA316@gauss.secunet.com> <56C520F0.4050309@alliedtelesis.co.nz> <20160218121915.GH316@gauss.secunet.com> <56CE22A3.7030702@alliedtelesis.co.nz> <20160304070525.GA3347@gauss.secunet.com> <56E73285.5000702@alliedtelesis.co.nz> <20160315122801.GB3347@gauss.secunet.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20160315122801.GB3347@gauss.secunet.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-Originating-IP: [10.182.7.102] X-EXCLAIMER-MD-CONFIG: 2c86f778-e09b-4440-8b15-867914633a10 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On Tue, Mar 15, 2016 at 01:28:01PM +0100, Steffen Klassert wrote: > On Mon, Mar 14, 2016 at 09:52:05PM +0000, Mark McKinstry wrote: > > Your patch adds a dst_release() call to my suggested fix, but this is > > problematic because the kfree_skb() call at tx_error already takes care > > of releasing dst - via kfree_skb() > __kfree_skb() > skb_release_all() > > > skb_release_head_state() > skb_dst_drop() > > > refdst_drop() > dst_release(). In our scenario your patch results in > > a negative refcount kernel warning being generated in dst_release() for > > every packet that is too big to go over the vti. > > Hm. I've just noticed that my pmtu test does not trigger this > codepath, so I did not see the warning. > > Seems like we do the pmtu handling too late, it should happen before > we do skb_dst_set(). Also skb_scrub_packet() resets skb->ignore_df, > so checking ignore_df after skb_scrub_packet() does not make much sense. > > I'll send an updated version after some more testing. > I've added a testcase that triggers this codepath to my testing environment. The patch below works for me, could you please test if it fixes your problems? Subject: [PATCH] vti: Add pmtu handling to vti_xmit. We currently rely on the PMTU discovery of xfrm. However if a packet is locally sent, the PMTU mechanism of xfrm tries to do local socket notification what might not work for applications like ping that don't check for this. So add pmtu handling to vti_xmit to report MTU changes immediately. Signed-off-by: Steffen Klassert --- net/ipv4/ip_vti.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c index 5cf10b7..a917903 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c @@ -156,6 +156,7 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev, struct dst_entry *dst = skb_dst(skb); struct net_device *tdev; /* Device to other host */ int err; + int mtu; if (!dst) { dev->stats.tx_carrier_errors++; @@ -192,6 +193,23 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev, tunnel->err_count = 0; } + mtu = dst_mtu(dst); + if (skb->len > mtu) { + skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu); + if (skb->protocol == htons(ETH_P_IP)) { + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, + htonl(mtu)); + } else { + if (mtu < IPV6_MIN_MTU) + mtu = IPV6_MIN_MTU; + + icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); + } + + dst_release(dst); + goto tx_error; + } + skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(dev))); skb_dst_set(skb, dst); skb->dev = skb_dst(skb)->dev;