From patchwork Sat Nov  7 19:59:45 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joe Stringer <joestringer@nicira.com>
X-Patchwork-Id: 541365
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (li376-54.members.linode.com
	[96.126.127.54]) by ozlabs.org (Postfix) with ESMTP id 81FB21402C6
	for <incoming@patchwork.ozlabs.org>;
	Sun,  8 Nov 2015 07:00:59 +1100 (AEDT)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=nicira_com.20150623.gappssmtp.com
	header.i=@nicira_com.20150623.gappssmtp.com header.b=teDnW2+z;
	dkim-atps=neutral
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id AE1DA10A31;
	Sat,  7 Nov 2015 12:00:24 -0800 (PST)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v3.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 7B95D109F6
	for <dev@openvswitch.org>; Sat,  7 Nov 2015 12:00:23 -0800 (PST)
Received: from bar3.cudamail.com (localhost [127.0.0.1])
	by mx3v3.cudamail.com (Postfix) with ESMTPS id 1352A162F83
	for <dev@openvswitch.org>; Sat,  7 Nov 2015 13:00:23 -0700 (MST)
X-ASG-Debug-ID: 1446926422-03dd7b490b1f0e0001-byXFYA
Received: from mx3-pf3.cudamail.com ([192.168.14.3]) by bar3.cudamail.com
	with
	ESMTP id IboREePs4ai8tK2e (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Sat, 07 Nov 2015 13:00:22 -0700 (MST)
X-Barracuda-Envelope-From: joestringer@nicira.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.14.3
Received: from unknown (HELO mail-pa0-f41.google.com) (209.85.220.41)
	by mx3-pf3.cudamail.com with ESMTPS (RC4-SHA encrypted);
	7 Nov 2015 20:10:30 -0000
Received-SPF: unknown (mx3-pf3.cudamail.com: Multiple SPF records returned)
X-Barracuda-RBL-Trusted-Forwarder: 209.85.220.41
Received: by pacdm15 with SMTP id dm15so132297665pac.3
	for <dev@openvswitch.org>; Sat, 07 Nov 2015 12:00:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=nicira_com.20150623.gappssmtp.com; s=20150623;
	h=from:to:subject:date:message-id:in-reply-to:references;
	bh=6oV9sy8sSHkzZduSzQduuJsj+dKPDWxvfuao3mEDG2o=;
	b=teDnW2+zxtxxwHNUG58zNqaC5YEBwSmRIhA/c9N2xv3R4VUM3BZHoHFYIQAvCzOJXx
	jipflyD3fuPC5oxXlYTn/jbvvDv3xiGDaV3HbnH3sb2SFALFIi8SnaRybX8Yk51Ljdj3
	cjm3Hm4AzZuhpGWYyiGowsT5uY4Iq4U84ETDuxFkjXpKltkDMH6WAOnYD9fSofsO80wp
	LQ6RcdNBgKOGBv6r/slhwvAeFnP7zOhZTz2p7xwk44HhE0HWcy7iM8mV2bwr6zfulsqp
	eK/3ShosHfYvnSVGFcdjnOxL5ssMeJv7lveTZ9pXrZixcjpjvepNmDf8j3rswzfmNkrk
	HBog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=6oV9sy8sSHkzZduSzQduuJsj+dKPDWxvfuao3mEDG2o=;
	b=CYD1VJ3jcx/oHzB8DnpmVOGXRDkrDpB8vUaUpPcF172g0+ag6kdFiNUWVCIR9rQfQ6
	LEwtKnIVoHvGeq1U/bm91OPTtgzuErDy/N7OK9EAHZbPeo69WTVWPBLVMc2Ne+1P3oHB
	c4KoWITxMZZJwMqp0ZncIQXPFQFu2XbgfwF3KgjZ+SLb6+jC5M4AP7YTvkHiIZTJ+20Y
	u96zbo4AFroSI95icmcxMIBGOwA6C7VOGoljQyB15NXrCR5kijFPtYxFO3jl0nLCTpHC
	nZfvzTjhKpOOj55lwWVqg7GO1x4huYu2Fbrhh2mzNi7vYhHuM+AuPs1h0qGLOzIC7MXq
	v90A==
X-Gm-Message-State: 
 ALoCoQmDdbMYxm97iaknXHP4W0tTCgvMbxJrIH+lpUR1hC85M6CLXyuhFmd52V2WpmSN8I5/3far
X-Received: by 10.66.248.8 with SMTP id yi8mr27501545pac.62.1446926422042;
	Sat, 07 Nov 2015 12:00:22 -0800 (PST)
Received: from localhost.localdomain ([208.91.2.4])
	by smtp.gmail.com with ESMTPSA id
	nu5sm7312219pbb.65.2015.11.07.12.00.20 for <dev@openvswitch.org>
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Sat, 07 Nov 2015 12:00:21 -0800 (PST)
X-CudaMail-Envelope-Sender: joestringer@nicira.com
X-Barracuda-Apparent-Source-IP: 208.91.2.4
From: Joe Stringer <joestringer@nicira.com>
To: dev@openvswitch.org
X-CudaMail-Whitelist-To: dev@openvswitch.org
X-CudaMail-MID: CM-V3-1106015552
X-CudaMail-DTE: 110715
X-CudaMail-Originating-IP: 209.85.220.41
Date: Sat,  7 Nov 2015 11:59:45 -0800
X-ASG-Orig-Subj: [##CM-V3-1106015552##][PATCH 07/23] compat: Backport
	ip_skb_dst_mtu().
Message-Id: <1446926401-55723-8-git-send-email-joestringer@nicira.com>
X-Mailer: git-send-email 2.1.4
In-Reply-To: <1446926401-55723-1-git-send-email-joestringer@nicira.com>
References: <1446926401-55723-1-git-send-email-joestringer@nicira.com>
X-Barracuda-Connect: UNKNOWN[192.168.14.3]
X-Barracuda-Start-Time: 1446926422
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?=
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
Subject: [ovs-dev] [PATCH 07/23] compat: Backport ip_skb_dst_mtu().
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

From upstream f87c10a8aa1e ("ipv4: introduce ip_dst_mtu_maybe_forward
and protect forwarding path against pmtu spoofing")

Signed-off-by: Joe Stringer <joestringer@nicira.com>
---
 acinclude.m4                           |  1 +
 datapath/linux/compat/include/net/ip.h | 39 ++++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/acinclude.m4 b/acinclude.m4
index aae4e1b6be49..33e52d268b85 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -350,6 +350,7 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [
   OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [inet_get_local_port_range.*net],
                   [OVS_DEFINE([HAVE_INET_GET_LOCAL_PORT_RANGE_USING_NET])])
   OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_is_fragment])
+  OVS_GREP_IFELSE([$KSRC/include/net/ip.h], [ip_skb_dst_mtu])
   OVS_GREP_IFELSE([$KSRC/include/net/dst_metadata.h], [metadata_dst])
 
   OVS_GREP_IFELSE([$KSRC/include/linux/net.h], [sock_create_kern.*net],
diff --git a/datapath/linux/compat/include/net/ip.h b/datapath/linux/compat/include/net/ip.h
index a9401a7f0e7c..ead6e2904ba7 100644
--- a/datapath/linux/compat/include/net/ip.h
+++ b/datapath/linux/compat/include/net/ip.h
@@ -22,4 +22,43 @@ static inline void rpl_inet_get_local_port_range(struct net *net, int *low,
 
 #endif
 
+/* IPv4 datagram length is stored into 16bit field (tot_len) */
+#ifndef IP_MAX_MTU
+#define IP_MAX_MTU	0xFFFFU
+#endif
+
+#ifndef HAVE_IP_SKB_DST_MTU
+static inline bool rpl_ip_sk_use_pmtu(const struct sock *sk)
+{
+	return inet_sk(sk)->pmtudisc < IP_PMTUDISC_PROBE;
+}
+#define ip_sk_use_pmtu rpl_ip_sk_use_pmtu
+
+static inline unsigned int ip_dst_mtu_maybe_forward(const struct dst_entry *dst,
+						    bool forwarding)
+{
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,14,0)
+	struct net *net = dev_net(dst->dev);
+
+	if (net->ipv4.sysctl_ip_fwd_use_pmtu ||
+	    dst_metric_locked(dst, RTAX_MTU) ||
+	    !forwarding)
+		return dst_mtu(dst);
+#endif
+
+	return min(dst->dev->mtu, IP_MAX_MTU);
+}
+
+static inline unsigned int rpl_ip_skb_dst_mtu(const struct sk_buff *skb)
+{
+	if (!skb->sk || ip_sk_use_pmtu(skb->sk)) {
+		bool forwarding = IPCB(skb)->flags & IPSKB_FORWARDED;
+		return ip_dst_mtu_maybe_forward(skb_dst(skb), forwarding);
+	} else {
+		return min(skb_dst(skb)->dev->mtu, IP_MAX_MTU);
+	}
+}
+#define ip_skb_dst_mtu rpl_ip_skb_dst_mtu
+#endif /* HAVE_IP_SKB_DST_MTU */
+
 #endif