From 3df1928302950dfa728ab2eade28eea0da291567 Mon Sep 17 00:00:00 2001 From: William Tu Date: Mon, 5 Feb 2018 13:35:34 -0800 Subject: [PATCH 1/3] net: erspan: fix metadata extraction Commit d350a823020e ("net: erspan: create erspan metadata uapi header") moves the erspan 'version' in front of the 'struct erspan_md2' for later extensibility reason. This breaks the existing erspan metadata extraction code because the erspan_md2 then has a 4-byte offset to between the erspan_metadata and erspan_base_hdr. This patch fixes it. Fixes: 1a66a836da63 ("gre: add collect_md mode to ERSPAN tunnel") Fixes: ef7baf5e083c ("ip6_gre: add ip6 erspan collect_md mode") Fixes: 1d7e2ed22f8d ("net: erspan: refactor existing erspan code") Signed-off-by: William Tu Signed-off-by: David S. Miller --- include/net/erspan.h | 26 +++++++++++++------------- net/ipv4/ip_gre.c | 5 ++++- net/ipv6/ip6_gre.c | 6 ++++-- 3 files changed, 21 insertions(+), 16 deletions(-) diff --git a/include/net/erspan.h b/include/net/erspan.h index 5daa4866412be5..d044aa60cc76ff 100644 --- a/include/net/erspan.h +++ b/include/net/erspan.h @@ -159,13 +159,13 @@ static inline void erspan_build_header(struct sk_buff *skb, struct ethhdr *eth = (struct ethhdr *)skb->data; enum erspan_encap_type enc_type; struct erspan_base_hdr *ershdr; - struct erspan_metadata *ersmd; struct qtag_prefix { __be16 eth_type; __be16 tci; } *qp; u16 vlan_tci = 0; u8 tos; + __be32 *idx; tos = is_ipv4 ? ip_hdr(skb)->tos : (ipv6_hdr(skb)->priority << 4) + @@ -195,8 +195,8 @@ static inline void erspan_build_header(struct sk_buff *skb, set_session_id(ershdr, id); /* Build metadata */ - ersmd = (struct erspan_metadata *)(ershdr + 1); - ersmd->u.index = htonl(index & INDEX_MASK); + idx = (__be32 *)(ershdr + 1); + *idx = htonl(index & INDEX_MASK); } /* ERSPAN GRA: timestamp granularity @@ -225,7 +225,7 @@ static inline void erspan_build_header_v2(struct sk_buff *skb, { struct ethhdr *eth = (struct ethhdr *)skb->data; struct erspan_base_hdr *ershdr; - struct erspan_metadata *md; + struct erspan_md2 *md2; struct qtag_prefix { __be16 eth_type; __be16 tci; @@ -261,15 +261,15 @@ static inline void erspan_build_header_v2(struct sk_buff *skb, set_session_id(ershdr, id); /* Build metadata */ - md = (struct erspan_metadata *)(ershdr + 1); - md->u.md2.timestamp = erspan_get_timestamp(); - md->u.md2.sgt = htons(sgt); - md->u.md2.p = 1; - md->u.md2.ft = 0; - md->u.md2.dir = direction; - md->u.md2.gra = gra; - md->u.md2.o = 0; - set_hwid(&md->u.md2, hwid); + md2 = (struct erspan_md2 *)(ershdr + 1); + md2->timestamp = erspan_get_timestamp(); + md2->sgt = htons(sgt); + md2->p = 1; + md2->ft = 0; + md2->dir = direction; + md2->gra = gra; + md2->o = 0; + set_hwid(md2, hwid); } #endif diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 6ec670fbbbddf9..9b50eddd18823e 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -261,6 +261,7 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi, struct ip_tunnel_net *itn; struct ip_tunnel *tunnel; const struct iphdr *iph; + struct erspan_md2 *md2; int ver; int len; @@ -313,8 +314,10 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi, return PACKET_REJECT; md = ip_tunnel_info_opts(&tun_dst->u.tun_info); - memcpy(md, pkt_md, sizeof(*md)); md->version = ver; + md2 = &md->u.md2; + memcpy(md2, pkt_md, ver == 1 ? ERSPAN_V1_MDSIZE : + ERSPAN_V2_MDSIZE); info = &tun_dst->u.tun_info; info->key.tun_flags |= TUNNEL_ERSPAN_OPT; diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c index 05f070e123e4d4..50913dbd0612e9 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -505,6 +505,7 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len, struct erspan_base_hdr *ershdr; struct erspan_metadata *pkt_md; const struct ipv6hdr *ipv6h; + struct erspan_md2 *md2; struct ip6_tnl *tunnel; u8 ver; @@ -551,9 +552,10 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len, info = &tun_dst->u.tun_info; md = ip_tunnel_info_opts(info); - - memcpy(md, pkt_md, sizeof(*md)); md->version = ver; + md2 = &md->u.md2; + memcpy(md2, pkt_md, ver == 1 ? ERSPAN_V1_MDSIZE : + ERSPAN_V2_MDSIZE); info->key.tun_flags |= TUNNEL_ERSPAN_OPT; info->options_len = sizeof(*md); From 39f57f6799cdd437277122d4cd1c470c08f527c0 Mon Sep 17 00:00:00 2001 From: William Tu Date: Mon, 5 Feb 2018 13:35:35 -0800 Subject: [PATCH 2/3] net: erspan: fix erspan config overwrite When an erspan tunnel device receives an erpsan packet with different tunnel metadata (ex: version, index, hwid, direction), existing code overwrites the tunnel device's erspan configuration with the received packet's metadata. The patch fixes it. Fixes: 1a66a836da63 ("gre: add collect_md mode to ERSPAN tunnel") Fixes: f551c91de262 ("net: erspan: introduce erspan v2 for ip_gre") Fixes: ef7baf5e083c ("ip6_gre: add ip6 erspan collect_md mode") Fixes: 94d7d8f29287 ("ip6_gre: add erspan v2 support") Signed-off-by: William Tu Signed-off-by: David S. Miller --- net/ipv4/ip_gre.c | 9 --------- net/ipv6/ip6_gre.c | 9 --------- 2 files changed, 18 deletions(-) diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 9b50eddd18823e..45d97e9b2759dc 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -322,15 +322,6 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi, info = &tun_dst->u.tun_info; info->key.tun_flags |= TUNNEL_ERSPAN_OPT; info->options_len = sizeof(*md); - } else { - tunnel->erspan_ver = ver; - if (ver == 1) { - tunnel->index = ntohl(pkt_md->u.index); - } else { - tunnel->dir = pkt_md->u.md2.dir; - tunnel->hwid = get_hwid(&pkt_md->u.md2); - } - } skb_reset_mac_header(skb); diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c index 50913dbd0612e9..3c353125546d87 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -562,15 +562,6 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len, ip6_tnl_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error); } else { - tunnel->parms.erspan_ver = ver; - - if (ver == 1) { - tunnel->parms.index = ntohl(pkt_md->u.index); - } else { - tunnel->parms.dir = pkt_md->u.md2.dir; - tunnel->parms.hwid = get_hwid(&pkt_md->u.md2); - } - ip6_tnl_rcv(tunnel, skb, tpi, NULL, log_ecn_error); } From 9c33ca4317c81d9a5d030bbc60aeb2d16edf172b Mon Sep 17 00:00:00 2001 From: William Tu Date: Mon, 5 Feb 2018 13:35:36 -0800 Subject: [PATCH 3/3] sample/bpf: fix erspan metadata The commit c69de58ba84f ("net: erspan: use bitfield instead of mask and offset") changes the erspan header to use bitfield, and commit d350a823020e ("net: erspan: create erspan metadata uapi header") creates a uapi header file. The above two commit breaks the current erspan test. This patch fixes it by adapting the above two changes. Fixes: ac80c2a165af ("samples/bpf: add erspan v2 sample code") Fixes: ef88f89c830f ("samples/bpf: extend test_tunnel_bpf.sh with ERSPAN") Signed-off-by: William Tu Signed-off-by: David S. Miller --- samples/bpf/tcbpf2_kern.c | 41 +++++++++++++--------------------- samples/bpf/test_tunnel_bpf.sh | 4 ++-- 2 files changed, 18 insertions(+), 27 deletions(-) diff --git a/samples/bpf/tcbpf2_kern.c b/samples/bpf/tcbpf2_kern.c index f6bbf8f50da39b..efdc16d195ff6e 100644 --- a/samples/bpf/tcbpf2_kern.c +++ b/samples/bpf/tcbpf2_kern.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include "bpf_helpers.h" #include "bpf_endian.h" @@ -35,24 +36,10 @@ struct geneve_opt { u8 opt_data[8]; /* hard-coded to 8 byte */ }; -struct erspan_md2 { - __be32 timestamp; - __be16 sgt; - __be16 flags; -}; - struct vxlan_metadata { u32 gbp; }; -struct erspan_metadata { - union { - __be32 index; - struct erspan_md2 md2; - } u; - int version; -}; - SEC("gre_set_tunnel") int _gre_set_tunnel(struct __sk_buff *skb) { @@ -156,13 +143,15 @@ int _erspan_set_tunnel(struct __sk_buff *skb) __builtin_memset(&md, 0, sizeof(md)); #ifdef ERSPAN_V1 md.version = 1; - md.u.index = htonl(123); + md.u.index = bpf_htonl(123); #else u8 direction = 1; - u16 hwid = 7; + u8 hwid = 7; md.version = 2; - md.u.md2.flags = htons((direction << 3) | (hwid << 4)); + md.u.md2.dir = direction; + md.u.md2.hwid = hwid & 0xf; + md.u.md2.hwid_upper = (hwid >> 4) & 0x3; #endif ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md)); @@ -207,9 +196,9 @@ int _erspan_get_tunnel(struct __sk_buff *skb) char fmt2[] = "\tdirection %d hwid %x timestamp %u\n"; bpf_trace_printk(fmt2, sizeof(fmt2), - (ntohs(md.u.md2.flags) >> 3) & 0x1, - (ntohs(md.u.md2.flags) >> 4) & 0x3f, - bpf_ntohl(md.u.md2.timestamp)); + md.u.md2.dir, + (md.u.md2.hwid_upper << 4) + md.u.md2.hwid, + bpf_ntohl(md.u.md2.timestamp)); #endif return TC_ACT_OK; @@ -242,10 +231,12 @@ int _ip4ip6erspan_set_tunnel(struct __sk_buff *skb) md.version = 1; #else u8 direction = 0; - u16 hwid = 17; + u8 hwid = 17; md.version = 2; - md.u.md2.flags = htons((direction << 3) | (hwid << 4)); + md.u.md2.dir = direction; + md.u.md2.hwid = hwid & 0xf; + md.u.md2.hwid_upper = (hwid >> 4) & 0x3; #endif ret = bpf_skb_set_tunnel_opt(skb, &md, sizeof(md)); @@ -290,9 +281,9 @@ int _ip4ip6erspan_get_tunnel(struct __sk_buff *skb) char fmt2[] = "\tdirection %d hwid %x timestamp %u\n"; bpf_trace_printk(fmt2, sizeof(fmt2), - (ntohs(md.u.md2.flags) >> 3) & 0x1, - (ntohs(md.u.md2.flags) >> 4) & 0x3f, - bpf_ntohl(md.u.md2.timestamp)); + md.u.md2.dir, + (md.u.md2.hwid_upper << 4) + md.u.md2.hwid, + bpf_ntohl(md.u.md2.timestamp)); #endif return TC_ACT_OK; diff --git a/samples/bpf/test_tunnel_bpf.sh b/samples/bpf/test_tunnel_bpf.sh index ae7f7c38309b8c..43ce049996eeb5 100755 --- a/samples/bpf/test_tunnel_bpf.sh +++ b/samples/bpf/test_tunnel_bpf.sh @@ -68,7 +68,7 @@ function add_erspan_tunnel { ip netns exec at_ns0 \ ip link add dev $DEV_NS type $TYPE seq key 2 \ local 172.16.1.100 remote 172.16.1.200 \ - erspan_ver 2 erspan_dir 1 erspan_hwid 3 + erspan_ver 2 erspan_dir egress erspan_hwid 3 fi ip netns exec at_ns0 ip link set dev $DEV_NS up ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 @@ -97,7 +97,7 @@ function add_ip6erspan_tunnel { ip netns exec at_ns0 \ ip link add dev $DEV_NS type $TYPE seq key 2 \ local ::11 remote ::22 \ - erspan_ver 2 erspan_dir 1 erspan_hwid 7 + erspan_ver 2 erspan_dir egress erspan_hwid 7 fi ip netns exec at_ns0 ip addr add dev $DEV_NS 10.1.1.100/24 ip netns exec at_ns0 ip link set dev $DEV_NS up