1 From a00590d570212c3c633bd463cef8ec7377cc7993 Mon Sep 17 00:00:00 2001
2 From: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 Date: Tue, 30 Jun 2020 12:07:44 +0100
4 Subject: [PATCH] sch_cake: fix IP protocol handling in the presence of VLAN
7 Content-Type: text/plain; charset=UTF-8
8 Content-Transfer-Encoding: 8bit
10 From: Ilya Ponetayev <i.ponetaev@ndmsystems.com>
12 CAKE was using the return value of tc_skb_protocol() and expecting it to be
13 the IP protocol type. This can fail in the presence of QinQ VLAN tags,
14 making CAKE unable to handle ECN marking and diffserv parsing in this case.
15 Fix this by implementing our own version of tc_skb_protocol(), which will
16 use skb->protocol directly, but also parse and skip over any VLAN tags and
17 return the inner protocol number instead.
19 Also fix CE marking by implementing a version of INET_ECN_set_ce() that
20 uses the same parsing routine.
22 Fixes: ea82511518f4 ("sch_cake: Add NAT awareness to packet classifier")
23 Fixes: b2100cc56fca ("sch_cake: Use tc_skb_protocol() helper for getting packet protocol")
24 Fixes: 046f6fd5daef ("sched: Add Common Applications Kept Enhanced (cake) qdisc")
25 Signed-off-by: Ilya Ponetayev <i.ponetaev@ndmsystems.com>
26 [ squash original two patches, rewrite commit message ]
27 Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
28 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
30 net/sched/sch_cake.c | 52 +++++++++++++++++++++++++++++++++++++++++---
31 1 file changed, 49 insertions(+), 3 deletions(-)
33 --- a/net/sched/sch_cake.c
34 +++ b/net/sched/sch_cake.c
35 @@ -497,6 +497,52 @@ static bool cobalt_queue_empty(struct co
39 +static __be16 cake_skb_proto(const struct sk_buff *skb)
41 + unsigned int offset = skb_mac_offset(skb) + sizeof(struct ethhdr);
42 + __be16 proto = skb->protocol;
43 + struct vlan_hdr vhdr, *vh;
45 + while (proto == htons(ETH_P_8021Q) || proto == htons(ETH_P_8021AD)) {
46 + vh = skb_header_pointer(skb, offset, sizeof(vhdr), &vhdr);
50 + proto = vh->h_vlan_encapsulated_proto;
51 + offset += sizeof(vhdr);
57 +static int cake_set_ce(struct sk_buff *skb)
59 + int wlen = skb_network_offset(skb);
61 + switch (cake_skb_proto(skb)) {
62 + case htons(ETH_P_IP):
63 + wlen += sizeof(struct iphdr);
64 + if (!pskb_may_pull(skb, wlen) ||
65 + skb_try_make_writable(skb, wlen))
68 + return IP_ECN_set_ce(ip_hdr(skb));
70 + case htons(ETH_P_IPV6):
71 + wlen += sizeof(struct ipv6hdr);
72 + if (!pskb_may_pull(skb, wlen) ||
73 + skb_try_make_writable(skb, wlen))
76 + return IP6_ECN_set_ce(skb, ipv6_hdr(skb));
85 /* Call this with a freshly dequeued packet for possible congestion marking.
86 * Returns true as an instruction to drop the packet, false for delivery.
88 @@ -549,7 +595,7 @@ static bool cobalt_should_drop(struct co
90 if (next_due && vars->dropping) {
91 /* Use ECN mark if possible, otherwise drop */
92 - drop = !(vars->ecn_marked = INET_ECN_set_ce(skb));
93 + drop = !(vars->ecn_marked = cake_set_ce(skb));
97 @@ -592,7 +638,7 @@ static bool cake_update_flowkeys(struct
98 bool rev = !skb->_nfct, upd = false;
101 - if (skb_protocol(skb, true) != htons(ETH_P_IP))
102 + if (cake_skb_proto(skb) != htons(ETH_P_IP))
105 if (!nf_ct_get_tuple_skb(&tuple, skb))
106 @@ -1557,7 +1603,7 @@ static u8 cake_handle_diffserv(struct sk
110 - switch (skb_protocol(skb, true)) {
111 + switch (cake_skb_proto(skb)) {
112 case htons(ETH_P_IP):
113 buf = skb_header_pointer(skb, offset, sizeof(buf_), &buf_);