From patchwork Wed Apr 15 10:20:42 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Nicolas Dichtel <nicolas.dichtel@6wind.com>
X-Patchwork-Id: 461467
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id ABB6314016A
	for <patchwork-incoming@ozlabs.org>;
	Wed, 15 Apr 2015 20:20:52 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754523AbbDOKUs (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Wed, 15 Apr 2015 06:20:48 -0400
Received: from mail-wi0-f170.google.com ([209.85.212.170]:36193 "EHLO
	mail-wi0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753817AbbDOKUq (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 15 Apr 2015 06:20:46 -0400
Received: by wizk4 with SMTP id k4so148485409wiz.1
	for <netdev@vger.kernel.org>; Wed, 15 Apr 2015 03:20:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:message-id:date:from:reply-to:organization
	:user-agent:mime-version:to:subject:references:in-reply-to
	:content-type:content-transfer-encoding;
	bh=Z6zYfvYsGuBrYPGR1Xppm45YkLoFx5qbg9BqNL29bUs=;
	b=C8jQhzLcW7er7ATgQB20JV4SqXxlty2EbVQKi8qONPUkPrfjXj5l6c0WXoA6Cxbezl
	j4/Bx4NawMLJ98hkpBvkKI0RscyO2vT/ZCvfYblXfqYiPCHQs2yxAWuwT94KzNAEH9n8
	04NWp+d8Wz+qRngauNkxQl0nvxlt65E3CHGm5l/oTaDuGKLLFgM4fTMnEdcKPcP8SiEy
	9eOurHQ1rIuAZQsntO5e9wVaAQ8cQBiLpP9XykleLuCvEMUw1b98xX+6nLeBcTmksPtn
	Jsjl9jexd4/Ym0DGWsnzE6Q3epVlATL89zf7Tb3FItLzc7WsgnzcT7Kyt4BxaE+w8rhf
	+Hrg==
X-Gm-Message-State: 
 ALoCoQlO6oOgDEqm8rcFW8gfWBO6rR3+myv6+9o+X8cRBRZ5j3jJnLWWKdYv2OkGjKqAsAP25iYM
X-Received: by 10.194.94.164 with SMTP id dd4mr49011628wjb.56.1429093245018;
	Wed, 15 Apr 2015 03:20:45 -0700 (PDT)
Received: from ?IPv6:2a01:e35:8b63:dc30:f9f2:4597:d3da:4287?
	([2a01:e35:8b63:dc30:f9f2:4597:d3da:4287])
	by mx.google.com with ESMTPSA id
	s4sm10109605wix.14.2015.04.15.03.20.43
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 15 Apr 2015 03:20:43 -0700 (PDT)
Message-ID: <552E3B7A.2040701@6wind.com>
Date: Wed, 15 Apr 2015 12:20:42 +0200
From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Reply-To: nicolas.dichtel@6wind.com
Organization: 6WIND
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Herbert Xu <herbert@gondor.apana.org.au>, netdev@vger.kernel.org,
	"Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: ip_tunnel: Remove gratuitous skb scrubbing
References: <20150415100107.GA3655@gondor.apana.org.au>
In-Reply-To: <20150415100107.GA3655@gondor.apana.org.au>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Le 15/04/2015 12:01, Herbert Xu a écrit :
> The commit ea23192e8e577dfc51e0f4fc5ca113af334edff9 ("tunnels:
> harmonize cleanup done on skb on rx path") broke anyone trying to
> use netfilter marking across IPv4 tunnels.  As the commit message
> did not give any justification for this (in fact it shouldn't
> even be touching the tx path), I can only assume that it was a typo.
If I remember well, this was discussed on netdev (CC Eric). The goal of this
patch was, like the title said, to hamonize packets processing in tunnels.
I'm not against to keep the mark, but I think patching skb_scrub_packet is
better. With your patch, ip6tnl, gre6, etc. still drops the mark. And at the
end, it's not consistant.

What about something like this:
---
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 3b6e5830256e..1d5f6bd0e383 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -4124,14 +4124,15 @@ EXPORT_SYMBOL(skb_try_coalesce);
   */
  void skb_scrub_packet(struct sk_buff *skb, bool xnet)
  {
-	if (xnet)
+	if (xnet) {
  		skb_orphan(skb);
+		skb->mark = 0;
+	}
  	skb->tstamp.tv64 = 0;
  	skb->pkt_type = PACKET_HOST;
  	skb->skb_iif = 0;
  	skb->ignore_df = 0;
  	skb_dst_drop(skb);
-	skb->mark = 0;
  	skb_sender_cpu_clear(skb);
  	skb_init_secmark(skb);
  	secpath_reset(skb);