From patchwork Thu Oct 27 21:26:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bodong Wang X-Patchwork-Id: 1695693 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=Nvidia.com header.i=@Nvidia.com header.a=rsa-sha256 header.s=selector2 header.b=twaUs0wU; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MyzL51QKRz20S2 for ; Fri, 28 Oct 2022 08:27:57 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1ooAPj-00057o-3O; Thu, 27 Oct 2022 21:27:47 +0000 Received: from mail-dm6nam04on2067.outbound.protection.outlook.com ([40.107.102.67] helo=NAM04-DM6-obe.outbound.protection.outlook.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1ooAPJ-0004dZ-Rn for kernel-team@lists.ubuntu.com; Thu, 27 Oct 2022 21:27:22 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hU+LbeMSXBeQmYV9GsGFhbQiGVUta1fUGeAo5TWP1ZaCk1lmYrnmJg1i2fdCjacd3YIrrwBz9DZxgmzGer/cEF4bFAe5MGLwQkMPojsOJcfzEzgHpJ1aVY4ILx8/ApNgeoNxaDYsD7bcsyfCPusBB4lsMc9DSviXcetOvs1O5Q1pO+wG29HsGrWu6/8hKCHnRg4svo95SduXbNXUSVF2TnP1Iw1aDCfmxKr1oZjGht4NGpnDaKoYArH1/T/pTbLzN21h1nFxrbHo72aEvelogOguHaAgLNn4JXMQVj2j//fRIn68yZLpEEec/diSSH/zBGspciu1JZKyIOyZwoOJyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2zV+hIt2r33bV1o7g3aylko4YascYaNPBzf10i6xBqU=; b=bxeCcg9GSUOAJFqpeBs2sDm5JdtjesKOF2e6Hr7jG9HXgWNK5d/cyzC8Ov0By+uiqR0wXd5dZ/Ue21VOsU/KQ9hePGnQ4NOD+wHEpjACIs7rHTtaUJk66JiOCmHyWAOHHLIjR0a05u7yIbh3wqXSZyfKPOb3HIv0Kcu7P6DX4/+rACpQ46vb4o1iOw9oVTaGXHcc9F1nnO9sgehMjTgEorzo0Q6FL7VKhwQOCtjaA16Edu1d7sI9ooZXiQ7FMc2Kss1Z2TZOPzWMZUkxt6X0lc2Q+NQMbnRnc5SA9YuAcZ6lqFtqphmOiWhg9DvVKGds1NXh3tHpjYs1rtvO+pdq8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=lists.ubuntu.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2zV+hIt2r33bV1o7g3aylko4YascYaNPBzf10i6xBqU=; b=twaUs0wU84LDDeFo4Ij/Ir/KoocW/Os/8GZSxaLtkBa96bc9DRLA1810d9w5T8NjdzJPxvjUZxeg24jroP4f+9mRDpu7pNU/PatY/S3C2bxQmB1EYkSIyAmeXQpfdvpMUCOhg+6WjDQrnTFKUO5DREEs0zf2SXCerA5ye+Kp5+OGhjOPNwpIw5smwQlfq8h3jCHsJLYAZLxefe48D5CCNMe+eO86JnvnzkV3c0F4IoumxVunVa5QIniaOIguOKgPMEMlPzKakOEbbvuP+XePuKfLGXQIORraEURva/wDchXSF2KrKmNq3ckjz6MJ9NwVrzpAtW+sePzKePRpl4a4/Q== Received: from BN9PR03CA0345.namprd03.prod.outlook.com (2603:10b6:408:f6::20) by CY5PR12MB6177.namprd12.prod.outlook.com (2603:10b6:930:26::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.28; Thu, 27 Oct 2022 21:27:18 +0000 Received: from BN8NAM11FT031.eop-nam11.prod.protection.outlook.com (2603:10b6:408:f6:cafe::4a) by BN9PR03CA0345.outlook.office365.com (2603:10b6:408:f6::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.15 via Frontend Transport; Thu, 27 Oct 2022 21:27:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT031.mail.protection.outlook.com (10.13.177.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.16 via Frontend Transport; Thu, 27 Oct 2022 21:27:16 +0000 Received: from rnnvmail204.nvidia.com (10.129.68.6) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Thu, 27 Oct 2022 14:27:05 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail204.nvidia.com (10.129.68.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Thu, 27 Oct 2022 14:27:05 -0700 Received: from mtl123.mtl.labs.mlnx (10.127.8.10) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29 via Frontend Transport; Thu, 27 Oct 2022 14:27:04 -0700 Received: from sw-mtx-hparm-006.mtx.labs.mlnx. (sw-mtx-hparm-006.mtx.labs.mlnx [10.9.151.93]) by mtl123.mtl.labs.mlnx (8.14.4/8.14.4) with ESMTP id 29RLR02A032221; Fri, 28 Oct 2022 00:27:01 +0300 From: Bodong Wang To: Subject: [SRU][F:linux-bluefield][PATCH 01/10] net: Fix return value of qdisc ingress handling on success Date: Thu, 27 Oct 2022 16:26:39 -0500 Message-ID: <1666906019-80328-2-git-send-email-bodong@nvidia.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1666906019-80328-1-git-send-email-bodong@nvidia.com> References: <1666906019-80328-1-git-send-email-bodong@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT031:EE_|CY5PR12MB6177:EE_ X-MS-Office365-Filtering-Correlation-Id: 37e922c0-c487-4912-00f5-08dab86205a3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3qtWdi5WoLqX2uRT8zoJ78jgYrXbFw50V4PdEPSkByf+RgktB514VAwSDy/4/CBp4fBgM0JY/wTHP+bPcsXm6izLybXUtzmWsOicoY/BiuzlaDfT++l/BHmeb9S82aN8BoNZkbh9siqPIfcbAmiWLL/mjpRcqh6oslgcUjzSgtTucEKqb/Q4bxtzHAsLRxRiv+7l5qPOf99QILYngG4dSNaPxNu2j1NQRXDND/lOYXbPQ8SIAVcTJcoa/D2RHrrWRXulxdORBzHsPAIvlvYE5L5dsvFPTuKTrXd2J6Au6pMTDfB5vTMCMZiRtpTZQtNO5BC+1KweCF0gHvUvNWXlmjMW2KxqvkojlLQliIhYr9C8HxZvZ0+ohsMNBmyYCMg9+by+foKn3gx2IpxfDfXJeO6Y+j9MVFaetARKReCVs0JwB+vJWMjYT/ZvgscpbO2fAqzhE0dRvSon2DQ1lEKqXWaQBOmAeCoMYDMRH/XN3w1kbMPrrp41Af42urOXby5BmPmWWhPLTZ5dC+TmM/eK5sglP4hvllb5KzjfozM2sshf4L8P3yUzga79FbIVL/ZaHBCgZh3vyUw6X4mlfr3D/9PdWEKUY4CuMB7CHbv6bA4UtRhyfycOlhlYEkts73mcTZ+bAHWLDJheaV3xbuYWpRDB3PArAVy114O1zY9vuOYuWQ5+N6WBcc3quq07tPIyJD2e/zMNVEaUF0jJmuPzT0t7n92zJ78fyn3kYp31wId4f/8ddzzH3+Cpa2zDFyDpaCP56rGw5yL17pJ8xLnpcUBdL2P7YMHpCr11tTnh+DKrBX0vIfxHz+iqTiblkQ5l9jnRgV7lQS1LHi4eF4lgQ9r/lvog2hN5c/Ja4Mq0bLs= X-Forefront-Antispam-Report: CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE; SFS:(13230022)(4636009)(346002)(396003)(39860400002)(136003)(376002)(451199015)(46966006)(40470700004)(36840700001)(186003)(336012)(47076005)(86362001)(36756003)(107886003)(6666004)(966005)(2906002)(40460700003)(8676002)(356005)(7636003)(40480700001)(83380400001)(2616005)(36860700001)(26005)(41300700001)(4326008)(316002)(70206006)(54906003)(82740400003)(8936002)(6916009)(82310400005)(70586007)(478600001)(5660300002); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Oct 2022 21:27:16.5189 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 37e922c0-c487-4912-00f5-08dab86205a3 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT031.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR12MB6177 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: vlad@nvidia.com Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Paul Blakey BugLink: https://bugs.launchpad.net/bugs/1995004 Currently qdisc ingress handling (sch_handle_ingress()) doesn't set a return value and it is left to the old return value of the caller (__netif_receive_skb_core()) which is RX drop, so if the packet is consumed, caller will stop and return this value as if the packet was dropped. This causes a problem in the kernel tcp stack when having a egress tc rule forwarding to a ingress tc rule. The tcp stack sending packets on the device having the egress rule will see the packets as not successfully transmitted (although they actually were), will not advance it's internal state of sent data, and packets returning on such tcp stream will be dropped by the tcp stack with reason ack-of-unsent-data. See reproduction in [0] below. Fix that by setting the return value to RX success if the packet was handled successfully. [0] Reproduction steps: $ ip link add veth1 type veth peer name peer1 $ ip link add veth2 type veth peer name peer2 $ ifconfig peer1 5.5.5.6/24 up $ ip netns add ns0 $ ip link set dev peer2 netns ns0 $ ip netns exec ns0 ifconfig peer2 5.5.5.5/24 up $ ifconfig veth2 0 up $ ifconfig veth1 0 up #ingress forwarding veth1 <-> veth2 $ tc qdisc add dev veth2 ingress $ tc qdisc add dev veth1 ingress $ tc filter add dev veth2 ingress prio 1 proto all flower \ action mirred egress redirect dev veth1 $ tc filter add dev veth1 ingress prio 1 proto all flower \ action mirred egress redirect dev veth2 #steal packet from peer1 egress to veth2 ingress, bypassing the veth pipe $ tc qdisc add dev peer1 clsact $ tc filter add dev peer1 egress prio 20 proto ip flower \ action mirred ingress redirect dev veth1 #run iperf and see connection not running $ iperf3 -s& $ ip netns exec ns0 iperf3 -c 5.5.5.6 -i 1 #delete egress rule, and run again, now should work $ tc filter del dev peer1 egress $ ip netns exec ns0 iperf3 -c 5.5.5.6 -i 1 Fixes: f697c3e8b35c ("[NET]: Avoid unnecessary cloning for ingress filtering") Change-Id: Id58956f315aef88399aa8ecd7ab29f545cb9465e Signed-off-by: Paul Blakey Signed-off-by: David S. Miller (Backported from upstream 672e97ef689a38cb20c2cc6a1814298fea34461e) Signed-off-by: Bodong Wang --- net/core/dev.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/core/dev.c b/net/core/dev.c index d88558b..3cb38d0 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -4617,11 +4617,13 @@ static __latent_entropy void net_tx_action(struct softirq_action *h) case TC_ACT_SHOT: mini_qdisc_qstats_cpu_drop(miniq); kfree_skb(skb); + *ret = NET_RX_DROP; return NULL; case TC_ACT_STOLEN: case TC_ACT_QUEUED: case TC_ACT_TRAP: consume_skb(skb); + *ret = NET_RX_SUCCESS; return NULL; case TC_ACT_REDIRECT: /* skb_mac_header check was done by cls/act_bpf, so @@ -4630,8 +4632,10 @@ static __latent_entropy void net_tx_action(struct softirq_action *h) */ __skb_push(skb, skb->mac_len); skb_do_redirect(skb); + *ret = NET_RX_SUCCESS; return NULL; case TC_ACT_CONSUMED: + *ret = NET_RX_SUCCESS; return NULL; default: break;