From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-x643.google.com (mail-pl1-x643.google.com [IPv6:2607:f8b0:4864:20::643]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id A757D3B29D for ; Mon, 6 Jul 2020 00:24:51 -0400 (EDT) Received: by mail-pl1-x643.google.com with SMTP id x11so14825584plo.7 for ; Sun, 05 Jul 2020 21:24:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=NhQuh/M+EWr/H+2AN4zsqP1K1gI1NFzEkYpBnUNzwu8=; b=tzabOV92NsrmrViHXK0nWYnzKyxMnXybz1c5LHrpbDZvsULkOEjoUwyg0SEJZWfv2j ke044ICDxjqm31S6SUtqUtsSNgikx9OupmoDwcqP4bmuxNg3IK1qbyy3SvLCR2/I2pur VxoNfSeScLptOrJjsstSIQo9lvVctL3xwjCOl0BpXU1wfF3hp3IWqZsRLp8zzqIqGJAK BzdKyAYWRXGcwRVo6Xb5F9dbkqkuQunR5ZZ/I/wk4eNu8OWhQ+ROPxtuaCJbZuj0Ga6i C3CW4lXhSdwsxT8A5EMFgsQGQs/5JFpeTr7wKEz4Wbdhzew5aHKRXnYJMH00J12AbpKe nIQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=NhQuh/M+EWr/H+2AN4zsqP1K1gI1NFzEkYpBnUNzwu8=; b=jmcl62HLXPUuu1ujmO37cJczdGzgScWKssoxgwaO627k1bvpbHHFCgSlM/IKMyQqXm rsz1fRyz1CgBRUzydcIRn49qEks/SLd8c65IyHtRmOEyjeLtm787W6kvh4TYWo6iX/e/ 58lrNB5qDYAOBf8zL1Jc58Xn/E7GYhPuEY7sOCKKRzL7Cu4ZaJLd4tqR+jnk7MBfWaZS Kld5HG3SP6IR1ExR15T87dDgNVt68zz9te9UbXCXPm4prYOolSYefp0oSPLow3e5bDGi uyoxYoxgFNjDIF3spab9fiw2b5DjyQux1mnPb35oQqCkkkWjOSEKJcqtszkMWyvoPZaO xKvA== X-Gm-Message-State: AOAM533+eEvn4AG0Orv6xFzTONHEjLF+f1K7c4Ofetqhq9Sz9/lUEFMk ftOZ03ZedoxHF1mxD8QfhiU= X-Google-Smtp-Source: ABdhPJyHCUXMwb1alkHT6aU83lgl85yKQ4N8yg8Bm1A7RfvY/tx7kGh5nrkaA6qdA1Cf5r2jzEe7Sw== X-Received: by 2002:a17:902:684e:: with SMTP id f14mr11268525pln.166.1594009490929; Sun, 05 Jul 2020 21:24:50 -0700 (PDT) Received: from [172.20.20.103] ([222.151.198.97]) by smtp.gmail.com with ESMTPSA id d14sm298902pjc.20.2020.07.05.21.24.48 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 05 Jul 2020 21:24:50 -0700 (PDT) To: =?UTF-8?Q?Toke_H=c3=b8iland-J=c3=b8rgensen?= Cc: davem@davemloft.net, netdev@vger.kernel.org, bpf@vger.kernel.org, cake@lists.bufferbloat.net, Davide Caratti , Jiri Pirko , Jamal Hadi Salim , Cong Wang , Roman Mashak , Lawrence Brakmo , Ilya Ponetayev References: <20200703202643.12919-1-toke@redhat.com> <878sfzms4p.fsf@toke.dk> From: Toshiaki Makita Message-ID: Date: Mon, 6 Jul 2020 13:24:42 +0900 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1 MIME-Version: 1.0 In-Reply-To: <878sfzms4p.fsf@toke.dk> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 06 Jul 2020 06:38:22 -0400 Subject: Re: [Cake] [PATCH net v3] sched: consistently handle layer3 header accesses in the presence of VLANs X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jul 2020 04:24:51 -0000 On 2020/07/04 20:33, Toke Høiland-Jørgensen wrote: > Toshiaki Makita writes: >> On 2020/07/04 5:26, Toke Høiland-Jørgensen wrote: >> ... >>> +/* A getter for the SKB protocol field which will handle VLAN tags consistently >>> + * whether VLAN acceleration is enabled or not. >>> + */ >>> +static inline __be16 skb_protocol(const struct sk_buff *skb, bool skip_vlan) >>> +{ >>> + unsigned int offset = skb_mac_offset(skb) + sizeof(struct ethhdr); >>> + __be16 proto = skb->protocol; >>> + >>> + if (!skip_vlan) >>> + /* VLAN acceleration strips the VLAN header from the skb and >>> + * moves it to skb->vlan_proto >>> + */ >>> + return skb_vlan_tag_present(skb) ? skb->vlan_proto : proto; >>> + >>> + while (eth_type_vlan(proto)) { >>> + struct vlan_hdr vhdr, *vh; >>> + >>> + vh = skb_header_pointer(skb, offset, sizeof(vhdr), &vhdr); >>> + if (!vh) >>> + break; >>> + >>> + proto = vh->h_vlan_encapsulated_proto; >>> + offset += sizeof(vhdr); >>> + } >> >> Why don't you use __vlan_get_protocol() here? It looks quite similar. >> Is there any problem with using that? > > TBH, I completely missed that helper. It seems to have side effects, > though (pskb_may_pull()), which is one of the things the original patch > to sch_cake that initiated all of this was trying to avoid. Sorry for not completely following the discussion... Pulling data is wrong for cake or other schedulers? > I guess I could just fix that, though, and switch __vlan_get_protocol() > over to using skb_header_pointer(). Will send a follow-up to do that. > > Any opinion on whether it's a good idea to limit the max parse depth > while I'm at it (see Daniel's reply)? The logic was originally introduced by skb_network_protocol() back in v3.10, and I have never heard of security report about that. But yes, I guess it potentially can be used for DoS attack. Toshiaki Makita