Message ID | 160650038768.2890576.58199438471570295.stgit@firesoul (mailing list archive) |
---|---|
State | Changes Requested |
Delegated to: | BPF |
Headers | show |
Series | bpf: New approach for BPF MTU handling | expand |
Context | Check | Description |
---|---|---|
netdev/cover_letter | success | Link |
netdev/fixes_present | success | Link |
netdev/patch_count | success | Link |
netdev/tree_selection | success | Clearly marked for bpf-next |
netdev/subject_prefix | success | Link |
netdev/source_inline | success | Was 0 now: 0 |
netdev/verify_signedoff | success | Link |
netdev/module_param | success | Was 0 now: 0 |
netdev/build_32bit | success | Errors and warnings before: 45 this patch: 45 |
netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
netdev/verify_fixes | success | Link |
netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 23 lines checked |
netdev/build_allmodconfig_warn | success | Errors and warnings before: 45 this patch: 45 |
netdev/header_inline | success | Link |
netdev/stable | success | Stable not CCed |
diff --git a/net/core/filter.c b/net/core/filter.c index 1ee97fdeea64..84d77c425fbe 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -5565,11 +5565,21 @@ BPF_CALL_4(bpf_skb_fib_lookup, struct sk_buff *, skb, #endif } - if (!rc) { + if (rc == BPF_FIB_LKUP_RET_SUCCESS) { struct net_device *dev; + u32 mtu; dev = dev_get_by_index_rcu(net, params->ifindex); - if (!is_skb_forwardable(dev, skb)) + mtu = READ_ONCE(dev->mtu); + + /* Using tot_len for (L3) MTU check if provided by user */ + if (params->tot_len && params->tot_len > mtu) + rc = BPF_FIB_LKUP_RET_FRAG_NEEDED; + + /* Notice at this TC cls_bpf level skb->len contains L2 size, + * but is_skb_forwardable takes that into account + */ + if (params->tot_len == 0 && !is_skb_forwardable(dev, skb)) rc = BPF_FIB_LKUP_RET_FRAG_NEEDED; }
BPF end-user on Cilium slack-channel (Carlo Carraro) wants to use bpf_fib_lookup for doing MTU-check, but *prior* to extending packet size, by adjusting fib_params 'tot_len' with the packet length plus the expected encap size. (Just like the bpf_check_mtu helper supports). He discovered that for SKB ctx the param->tot_len was not used, instead skb->len was used (via MTU check in is_skb_forwardable()). Fix this by using fib_params 'tot_len' for MTU check. If not provided (e.g. zero) then keep existing behaviour intact. Fixes: 4c79579b44b1 ("bpf: Change bpf_fib_lookup to return lookup status") Reported-by: Carlo Carraro <colrack@gmail.com> Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> --- net/core/filter.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)