[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190805153740.29627-1-zahari.doychev@linux.com>
Date: Mon, 5 Aug 2019 17:37:39 +0200
From: Zahari Doychev <zahari.doychev@...ux.com>
To: netdev@...r.kernel.org
Cc: bridge@...ts.linux-foundation.org, nikolay@...ulusnetworks.com,
roopa@...ulusnetworks.com, jhs@...atatu.com, dsahern@...il.com,
simon.horman@...ronome.com, makita.toshiaki@....ntt.co.jp,
xiyou.wangcong@...il.com, jiri@...nulli.us, ast@...mgrid.com,
johannes@...solutions.net,
Zahari Doychev <zahari.doychev@...ux.com>
Subject: [PATCH v2 0/1] Fix bridge mac_len handling
After the last discussion about the possible solution of the problem. I have
decided to resend the patches making the discussed corrections. It seems that
the patches are still not the complete solution as there still can be problem
handling skb->data pointing after the VLAN tag but I got the impression that
all agreed that the bridge code should be able to handle mac_len correctly.
Here again the description how to problem can be reproduce.
The Linux bridge does not correctly forward double vlan tagged packets added
using the tc act_vlan action. I am using a bridge with two netdevs and on one
of them a have the clsact qdisc with tc flower rule adding two vlan tags.
ip link add name br0 type bridge vlan_filtering 1
ip link set dev br0 up
ip link set dev net0 up
ip link set dev net0 master br0
ip link set dev net1 up
ip link set dev net1 master br0
bridge vlan add dev net0 vid 100 master
bridge vlan add dev br0 vid 100 self
bridge vlan add dev net1 vid 100 master
tc qdisc add dev net0 handle ffff: clsact
tc qdisc add dev net1 handle ffff: clsact
tc filter add dev net0 ingress pref 1 protocol all flower \
action vlan push id 10 pipe action vlan push id 100
tc filter add dev net0 egress pref 1 protocol 802.1q flower \
vlan_id 100 vlan_ethtype 802.1q cvlan_id 10 \
action vlan pop pipe action vlan pop
When using the setup above the packets coming on net0 get double tagged but
the MAC headers gets corrupted when the packets go out of net1. The second vlan
header is not considered in br_dev_queue_push_xmit. The skb data pointer is
decremented only by the ETH_HLEN length. This later causes the function
validate_xmit_vlan to insert the outer vlan tag behind the inner vlan tag.
The inner vlan becomes in this way part of the source mac address.
The problem in the bridge forwarding is fixed by using the mac_len when using
skb_push before forwarding the packets which ensures that the skb->data is
set correctly on push/pull.
Changes from v1:
- reset mac_len in br_dev_xmit
Zahari Doychev (1):
net: bridge: use mac_len in bridge forwarding
net/bridge/br_device.c | 3 ++-
net/bridge/br_forward.c | 4 ++--
net/bridge/br_vlan.c | 3 ++-
3 files changed, 6 insertions(+), 4 deletions(-)
--
2.22.0
Powered by blists - more mailing lists