From: Ben Pfaff <blp-LZ6Gd1LRuIk@public•gmane.org>
To: "Michał Mirosław" <mirq-linux-CoA6ZxLDdyEEUmgCuDUIdw@public•gmane.org>
Cc: dev-yBygre7rU0TnMu66kgdUjQ@public•gmane.org,
netdev-u79uwXL29TY76Z2rM5mHXA@public•gmane.org,
bridge-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public•gmane.org
Subject: Re: [PATCH net-next] net: remove abuse of VLAN DEI/CFI bit
Date: Mon, 5 Dec 2016 16:59:49 -0800 [thread overview]
Message-ID: <20161206005949.GM3129@ovn.org> (raw)
In-Reply-To: <20161205225247.e3dd6dcw3ryjjlp2-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
On Mon, Dec 05, 2016 at 11:52:47PM +0100, Michał Mirosław wrote:
> On Mon, Dec 05, 2016 at 10:55:45AM -0800, Ben Pfaff wrote:
> > On Mon, Dec 05, 2016 at 06:24:36PM +0100, Michał Mirosław wrote:
> > > On Sat, Dec 03, 2016 at 03:27:30PM -0800, Ben Pfaff wrote:
> > > > On Sat, Dec 03, 2016 at 10:22:28AM +0100, Michał Mirosław wrote:
> > > > > This All-in-one patch removes abuse of VLAN CFI bit, so it can be passed
> > > > > intact through linux networking stack.
> > > > This appears to change the established Open vSwitch userspace API. You
> > > > can see that simply from the way that it changes the documentation for
> > > > the userspace API. If I'm right about that, then this change will break
> > > > all userspace programs that use the Open vSwitch kernel module,
> > > > including Open vSwitch itself.
> > >
> > > If I understood the code correctly, it does change expected meaning for
> > > the (unlikely?) case of header truncated just before the VLAN TCI - it will
> > > be impossible to differentiate this case from the VLAN TCI == 0.
> > >
> > > I guess this is a problem with OVS API, because it doesn't directly show
> > > the "missing" state of elements, but relies on an "invalid" value.
> >
> > That particular corner case should not be a huge problem in any case.
> >
> > The real problem is that this appears to break the common case use of
> > VLANs in Open vSwitch. After this patch, parse_vlan() in
> > net/openvswitch/flow.c copies the tpid and tci from sk_buff (either the
> > accelerated version of them or the version in the skb data) into
> > sw_flow_key members. OK, that's fine on it's own. However, I don't see
> > any corresponding change to the code in flow_netlink.c to compensate for
> > the fact that, until now, the VLAN CFI bit (formerly VLAN_TAG_PRESENT)
> > was always required to be set to 1 in flow matches inside Netlink
> > messages sent from userspace, and the kernel always set it to 1 in
> > corresponding messages sent to userspace.
> >
> > In other words, if I'm reading this change correctly:
> >
> > * With a kernel before this change, userspace always had to set
> > VLAN_TAG_PRESENT to 1 to match on a VLAN, or the kernel would
> > reject the flow match.
> >
> > * With a kernel after this change, userspace must not set
> > VLAN_TAG_PRESENT to 1, otherwise the kernel will accept the flow
> > match but nothing will ever match because packets do not actually
> > have the CFI bit set.
> >
> > Take a look at this code that the patch deletes from
> > validate_vlan_from_nlattrs(), for example, and see how it insisted that
> > VLAN_TAG_PRESENT was set:
> >
> > if (!(tci & htons(VLAN_TAG_PRESENT))) {
> > if (tci) {
> > OVS_NLERR(log, "%s TCI does not have VLAN_TAG_PRESENT bit set.",
> > (inner) ? "C-VLAN" : "VLAN");
> > return -EINVAL;
> > } else if (nla_len(a[OVS_KEY_ATTR_ENCAP])) {
> > /* Corner case for truncated VLAN header. */
> > OVS_NLERR(log, "Truncated %s header has non-zero encap attribute.",
> > (inner) ? "C-VLAN" : "VLAN");
> > return -EINVAL;
> > }
> > }
> >
> > Please let me know if I'm overlooking something.
>
> Hmm. So the easiest change without disrupting current userspace, would be
> to flip the CFI bit on the way to/from OVS userspace. Does this seem
> correct?
That sounds correct. (The bit should not be flipped in the mask.)
Thanks,
Ben.
_______________________________________________
dev mailing list
dev@openvswitch•org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
next prev parent reply other threads:[~2016-12-06 0:59 UTC|newest]
Thread overview: 85+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-03 9:22 [PATCH net-next] net: remove abuse of VLAN DEI/CFI bit Michał Mirosław
2016-12-03 23:27 ` [ovs-dev] " Ben Pfaff
2016-12-05 17:24 ` Michał Mirosław
2016-12-05 18:55 ` Ben Pfaff
[not found] ` <20161205185545.GB3129-LZ6Gd1LRuIk@public.gmane.org>
2016-12-05 22:52 ` Michał Mirosław
[not found] ` <20161205225247.e3dd6dcw3ryjjlp2-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
2016-12-06 0:59 ` Ben Pfaff [this message]
2016-12-13 0:12 ` [PATCH net-next 00/27] Remove VLAN CFI bit abuse Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 01/27] net/vlan: introduce __vlan_hwaccel_clear_tag() helper Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 03/27] ibmvnic: fix accelerated VLAN handling Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 02/27] net/vlan: introduce __vlan_hwaccel_copy_tag() helper Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 04/27] qlcnic: remove assumption that vlan_tci != 0 Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 05/27] i40iw: remove use of VLAN_TAG_PRESENT Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 08/27] net/hyperv: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 06/27] cnic: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 07/27] gianfar: " Michał Mirosław
2016-12-13 12:09 ` Claudiu Manoil
2016-12-13 0:12 ` [PATCH net-next 09/27] cxgb4: use __vlan_hwaccel helpers Michał Mirosław
2016-12-13 1:40 ` Steve Wise
2016-12-13 0:12 ` [PATCH net-next 11/27] sky2: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 13/27] bridge: " Michał Mirosław
2016-12-13 12:59 ` Sergei Shtylyov
2016-12-13 15:11 ` Michał Mirosław
2016-12-14 0:40 ` Toshiaki Makita
2016-12-13 0:12 ` [PATCH net-next 14/27] 8021q: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 18/27] net/skbuff: add macros for VLAN_PRESENT bit Michał Mirosław
[not found] ` <cover.1481586602.git.mirq-linux-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
2016-12-13 0:12 ` [PATCH net-next 17/27] OVS: remove assumptions about VLAN_TAG_PRESENT bit Michał Mirosław
[not found] ` <e44219bc56d3e44aa0711c83c626adabf4c4ecd8.1481586602.git.mirq-linux-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
2016-12-13 10:40 ` Jiri Benc
2016-12-13 15:14 ` Michał Mirosław
2016-12-13 15:31 ` [PATCH/replace net-next 17/27] OVS: remove use of VLAN_TAG_PRESENT Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 15/27] ipv4/tunnel: use __vlan_hwaccel helpers Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 16/27] nfnetlink/queue: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 21/27] net/bpf_jit: PPC: split VLAN_PRESENT bit handling from VLAN_TCI Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 20/27] net/bpf_jit: MIPS: " Michał Mirosław
2016-12-13 1:22 ` Ralf Baechle
2016-12-13 0:12 ` [PATCH net-next 19/27] net/bpf_jit: ARM: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 22/27] net/bpf_jit: SPARC: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 23/27] net/bpf: " Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 24/27] bpf_test: prepare for VLAN_TAG_PRESENT removal Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 26/27] net/hyperv: enable passing of VLAN.CFI bit Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 25/27] net: remove VLAN_TAG_PRESENT Michał Mirosław
2016-12-13 0:12 ` [PATCH net-next 27/27] net/vlan: remove unused #define HAVE_VLAN_GET_TAG Michał Mirosław
2016-12-13 5:18 ` [PATCH net-next 00/27] Remove VLAN CFI bit abuse Michał Mirosław
2016-12-14 1:16 ` Stephen Hemminger
2016-12-14 2:00 ` Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 00/27] Allow passing of VLAN CFI bit through network stack Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 03/27] ibmvnic: fix accelerated VLAN handling Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 01/27] net/vlan: introduce __vlan_hwaccel_clear_tag() helper Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 02/27] net/vlan: introduce __vlan_hwaccel_copy_tag() helper Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 05/27] i40iw: remove use of VLAN_TAG_PRESENT Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 06/27] cnic: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 04/27] qlcnic: remove assumption that vlan_tci != 0 Michał Mirosław
2017-01-04 11:29 ` Chopra, Manish
2017-01-03 20:52 ` [PATCH net-next v2 07/27] gianfar: remove use of VLAN_TAG_PRESENT Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 10/27] benet: use __vlan_hwaccel helpers Michał Mirosław
[not found] ` <CACZ4nhsUxWYvM5HoASHb7-m2uZtnk3DN6cQigp+cObyLqPJXdA@mail.gmail.com>
2017-01-03 23:11 ` [PATCH net-next v3 " Michał Mirosław
2017-01-11 5:29 ` Somnath Kotur
2017-01-03 20:52 ` [PATCH net-next v2 09/27] cxgb4: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 11/27] sky2: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 08/27] net/hyperv: remove use of VLAN_TAG_PRESENT Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 12/27] net/core: use __vlan_hwaccel helpers Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 14/27] 8021q: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 13/27] bridge: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 16/27] nfnetlink/queue: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 15/27] ipv4/tunnel: " Michał Mirosław
[not found] ` <cover.1483475202.git.mirq-linux-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
2017-01-03 20:52 ` [PATCH net-next v2 17/27] OVS: remove use of VLAN_TAG_PRESENT Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 18/27] net/skbuff: add macros for VLAN_PRESENT bit Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 20/27] net/bpf_jit: MIPS: split VLAN_PRESENT bit handling from VLAN_TCI Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 19/27] net/bpf_jit: ARM: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 21/27] net/bpf_jit: PPC: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 22/27] net/bpf_jit: SPARC: " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 24/27] bpf_test: prepare for VLAN_TAG_PRESENT removal Michał Mirosław
2017-01-03 21:16 ` Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 23/27] net/bpf: split VLAN_PRESENT bit handling from VLAN_TCI Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 25/27] net: remove VLAN_TAG_PRESENT Michał Mirosław
2017-01-03 21:15 ` [PATCH net-next v3 " Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 26/27] net/hyperv: enable passing of VLAN.CFI bit Michał Mirosław
2017-01-03 20:52 ` [PATCH net-next v2 27/27] net/vlan: remove unused #define HAVE_VLAN_GET_TAG Michał Mirosław
2017-01-03 21:32 ` [PATCH net-next v2 00/27] Allow passing of VLAN CFI bit through network stack David Miller
2017-01-03 23:21 ` Michał Mirosław
2017-01-03 23:36 ` Michał Mirosław
2017-01-04 0:13 ` Michał Mirosław
2016-12-14 1:21 ` [PATCH net-next] net: remove abuse of VLAN DEI/CFI bit Stephen Hemminger
2016-12-14 2:03 ` Michał Mirosław
[not found] ` <20161214020305.qck2bpxmfh6ltrw7-CoA6ZxLDdyEEUmgCuDUIdw@public.gmane.org>
2016-12-14 2:21 ` Alexei Starovoitov
2016-12-14 14:28 ` Michał Mirosław
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161206005949.GM3129@ovn.org \
--to=blp-lz6gd1lruik@public$(echo .)gmane.org \
--cc=bridge-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public$(echo .)gmane.org \
--cc=dev-yBygre7rU0TnMu66kgdUjQ@public$(echo .)gmane.org \
--cc=mirq-linux-CoA6ZxLDdyEEUmgCuDUIdw@public$(echo .)gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public$(echo .)gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox