git.baikalelectronics.ru Git - kernel.git/commit

author	Davide Caratti <dcaratti@redhat.com>
	Thu, 10 Feb 2022 17:56:08 +0000 (18:56 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 14 Jun 2022 16:36:28 +0000 (18:36 +0200)
commit	038afeda3cd76bacd086ec5ae55e24bc1011d598
tree	1eb5e6de9b6f724c199c90a4c750127efca33369	tree \| snapshot
parent	ee23ae7ecd37763400be3807bf410441d21d00ed	commit \| diff

net/sched: act_police: more accurate MTU policing

commit 76290fa5880d9f7f86e6976eee20b7a13ed5385f upstream.

in current Linux, MTU policing does not take into account that packets at
the TC ingress have the L2 header pulled. Thus, the same TC police action
(with the same value of tcfp_mtu) behaves differently for ingress/egress.
In addition, the full GSO size is compared to tcfp_mtu: as a consequence,
the policer drops GSO packets even when individual segments have the L2 +
L3 + L4 + payload length below the configured valued of tcfp_mtu.

Improve the accuracy of MTU policing as follows:
- account for mac_len for non-GSO packets at TC ingress.
- compare MTU threshold with the segmented size for GSO packets.
Also, add a kselftest that verifies the correct behavior.

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

net/sched/act_police.c		diff \| blob \| history
tools/testing/selftests/net/forwarding/tc_police.sh		diff \| blob \| history