On Mon, Apr 18, 2022 at 12:44 AM Hangbin Liu <liuhangbin@xxxxxxxxx> wrote: > > Flavio reported that the kernel drops GSO VLAN tagged packet if it's > created with socket(AF_PACKET, SOCK_RAW, 0) plus virtio_net_hdr. > > The reason is AF_PACKET doesn't adjust the skb network header if there is > a VLAN tag. Then after virtio_net_hdr_set_proto() called, the skb->protocol > will be set to ETH_P_IP/IPv6. And in later inet/ipv6_gso_segment() the skb > is dropped as network header position is invalid. > > Fix it by adjusting network header position in packet_parse_headers() > and move the function before calling virtio_net_hdr_* functions. > > I also moved skb->no_fcs setting upper to make all skb setting together > and keep consistence of function packet_sendmsg_spkt(). > > No need to update tpacket_snd() as it calls packet_parse_headers() in > tpacket_fill_skb() before calling virtio_net_hdr_* functions. > > Fixes: 75c65772c3d1 ("net/packet: Ask driver for protocol if not provided by user") > Reported-by: Flavio Leitner <fbl@xxxxxxxxxx> > Signed-off-by: Hangbin Liu <liuhangbin@xxxxxxxxx> Strictly speaking VLAN tagged GSO packets have never been supported. The only defined types are TCP and UDP over IPv4 and IPv6: define VIRTIO_NET_HDR_GSO_TCPV4 1 /* GSO frame, IPv4 TCP (TSO) */ define VIRTIO_NET_HDR_GSO_UDP 3 /* GSO frame, IPv4 UDP (UFO) */ define VIRTIO_NET_HDR_GSO_TCPV6 4 /* GSO frame, IPv6 TCP */ I don't think this is a bug, more a stretching of the definition of those flags. > --- > net/packet/af_packet.c | 18 +++++++++++++----- > 1 file changed, 13 insertions(+), 5 deletions(-) > > diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c > index 002d2b9c69dd..cfdbda28ef82 100644 > --- a/net/packet/af_packet.c > +++ b/net/packet/af_packet.c > @@ -1924,12 +1924,20 @@ static int packet_rcv_spkt(struct sk_buff *skb, struct net_device *dev, > > static void packet_parse_headers(struct sk_buff *skb, struct socket *sock) > { > + int depth; > + > if ((!skb->protocol || skb->protocol == htons(ETH_P_ALL)) && > sock->type == SOCK_RAW) { > skb_reset_mac_header(skb); > skb->protocol = dev_parse_header_protocol(skb); > } > > + /* Move network header to the right position for VLAN tagged packets */ > + if (likely(skb->dev->type == ARPHRD_ETHER) && > + eth_type_vlan(skb->protocol) && > + __vlan_get_protocol(skb, skb->protocol, &depth) != 0) > + skb_set_network_header(skb, depth); > + > skb_probe_transport_header(skb); > } > > @@ -3047,6 +3055,11 @@ static int packet_snd(struct socket *sock, struct msghdr *msg, size_t len) > skb->mark = sockc.mark; > skb->tstamp = sockc.transmit_time; > > + if (unlikely(extra_len == 4)) > + skb->no_fcs = 1; > + > + packet_parse_headers(skb, sock); > + > if (has_vnet_hdr) { > err = virtio_net_hdr_to_skb(skb, &vnet_hdr, vio_le()); > if (err) > @@ -3055,11 +3068,6 @@ static int packet_snd(struct socket *sock, struct msghdr *msg, size_t len) > virtio_net_hdr_set_proto(skb, &vnet_hdr); > } > > - packet_parse_headers(skb, sock); > - > - if (unlikely(extra_len == 4)) > - skb->no_fcs = 1; > - Moving packet_parse_headers before or after virtio_net_hdr_to_skb may have additional subtle effects on protocol detection. I think it's probably okay, as tpacket_snd also calls in the inverse order. But there have been many issues in this codepath. We should also maintain feature consistency between packet_snd, tpacket_snd and to the limitations of its feature set to packet_sendmsg_spkt. The no_fcs is already lacking in tpacket_snd as far as I can tell. But packet_sendmsg_spkt also sets it and calls packet_parse_headers. Because this patch touches many other packets besides the ones intended, I am a bit concerned about unintended consequences. Perhaps stretching the definition of the flags to include VLAN is acceptable (unlike outright tunnels), but even then I would suggest for net-next. > err = po->xmit(skb); > if (unlikely(err != 0)) { > if (err > 0) _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization