diff mbox series

Support for segment offloading on software interfaces for packets from virtual machine guests without the SKB_GSO_UDP_L4 flag.

Message ID 20240705032048.110896-1-chengcheng.luo@smartx.com (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series Support for segment offloading on software interfaces for packets from virtual machine guests without the SKB_GSO_UDP_L4 flag. | expand

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 816 this patch: 816
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers warning 1 maintainers not CCed: dsahern@kernel.org
netdev/build_clang success Errors and warnings before: 821 this patch: 821
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 826 this patch: 826
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 13 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
netdev/contest success net-next-2024-07-05--06-00 (tests: 695)

Commit Message

echken July 5, 2024, 3:20 a.m. UTC 
When running virtual machines on a host, and the guest uses a kernel
version below v6.2 (without commit https://
github.com/torvalds/linux/commit/860b7f27b8f78564ca5a2f607e0820b2d352a562),
 the UDP packets emitted from the guest do not include the SKB_GSO_UDP_L4
flag in their skb gso_type. Therefore, UDP packets from such guests always
bypass the __udp_gso_segment during the udp4_ufo_fragment process and go
directly to software segmentation prematurely. When the guest sends UDP
packets significantly larger than the MSS, and there are software
interfaces in the data path, such as Geneve, this can lead to substantial
additional performance overhead.

Signed-off-by: echken <chengcheng.luo@smartx.com>
---
 net/ipv4/udp_offload.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Willem de Bruijn July 6, 2024, 1:06 p.m. UTC | #1 
echken wrote:
> When running virtual machines on a host, and the guest uses a kernel
> version below v6.2 (without commit https://
> github.com/torvalds/linux/commit/860b7f27b8f78564ca5a2f607e0820b2d352a562),

Prefer format commit 860b7f27b8f7 ("linux/virtio_net.h: Support USO
offload in vnet header.")

>  the UDP packets emitted from the guest do not include the SKB_GSO_UDP_L4
> flag in their skb gso_type. Therefore, UDP packets from such guests always
> bypass the __udp_gso_segment during the udp4_ufo_fragment process and go
> directly to software segmentation prematurely.

GSO packets should have either SKB_GSO_UDP_L4 (UDP segmentation) or
SKB_GSO_UDP (UDP fragmentation). Not both. Note that UFO is also long
deprecated and discouraged.

> When the guest sends UDP
> packets significantly larger than the MSS, and there are software
> interfaces in the data path, such as Geneve, this can lead to substantial
> additional performance overhead.
> 
> Signed-off-by: echken <chengcheng.luo@smartx.com>
> ---
>  net/ipv4/udp_offload.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/net/ipv4/udp_offload.c b/net/ipv4/udp_offload.c
> index 59448a2dbf2c..6aa5a97d8bde 100644
> --- a/net/ipv4/udp_offload.c
> +++ b/net/ipv4/udp_offload.c
> @@ -402,6 +402,13 @@ static struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb,
>  	if (unlikely(skb->len <= mss))
>  		goto out;
>  
> +	if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
> +		/* Packet is from an untrusted source, reset gso_segs. */
> +		skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len - sizeof(*uh),
> +							 mss);
> +		return NULL;
> +	}
> +

So what this really does is bypass software fragmentation in virtual
devices that advertise SKB_GSO_UDP.

That's fine, I suppose. But is not what the commit message currently
says.

>  	/* Do software UFO. Complete and fill in the UDP checksum as
>  	 * HW cannot do checksum of UDP packets sent as multiple
>  	 * IP fragments.
> -- 
> 2.34.1
>
diff mbox series

Patch

diff --git a/net/ipv4/udp_offload.c b/net/ipv4/udp_offload.c
index 59448a2dbf2c..6aa5a97d8bde 100644
--- a/net/ipv4/udp_offload.c
+++ b/net/ipv4/udp_offload.c
@@ -402,6 +402,13 @@  static struct sk_buff *udp4_ufo_fragment(struct sk_buff *skb,
 	if (unlikely(skb->len <= mss))
 		goto out;
 
+	if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
+		/* Packet is from an untrusted source, reset gso_segs. */
+		skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len - sizeof(*uh),
+							 mss);
+		return NULL;
+	}
+
 	/* Do software UFO. Complete and fill in the UDP checksum as
 	 * HW cannot do checksum of UDP packets sent as multiple
 	 * IP fragments.