Bug#1079684: Network errors on VM

Mon, 26 Aug 2024 06:45:17 -0700 

Hi,

Thanks Salvatore for the quick follow up on IRC and for pointing me at
the following doc in order to quickly rebuild the kernel with the
proposed patches.

https://kernel-team.pages.debian.net/kernel-handbook/ch-common-tasks.html#id-1.6.6.4

Le Mon, Aug 26, 2024 at 10:54:41AM +0200, David Prévot a écrit :
[…]
> Forwarded: https://bugzilla.kernel.org/show_bug.cgi?id=219129
[…]
> It seems real network issues have been noticed in some VMs we rebooted
> on friday (they are now running the previous kernel).

There are indeed severe consequences in network performances: e.g., it
took me two minutes instead of a fraction of second to upload the
patched kernel to the server (~500kB/s instead of 62MB/s).

> The forwarded upstream issue seems to match.

I just rebuilt the kernel with the three following patches and can’t
reproduce the issue once booted on the patched version.

>   89add40066f9 ("net: drop bad gso csum_start and offset in virtio_net_hdr")
>   fc8b2a619469 ("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
>   9840036786d9 ("gso: fix dodgy bit handling for GSO_UDP_L4")

The first patch (in reverse order) didn’t apply cleanly, so I only used
the first diff (out of three):


Index: linux-6.1.106/net/ipv4/udp_offload.c
===================================================================
--- linux-6.1.106.orig/net/ipv4/udp_offload.c   2024-08-26 14:01:13.869618434 
+0200
+++ linux-6.1.106/net/ipv4/udp_offload.c        2024-08-26 14:01:13.869618434 
+0200
@@ -273,13 +273,20 @@
        __sum16 check;
        __be16 newlen;

-       if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
-               return __udp_gso_segment_list(gso_skb, features, is_ipv6);
-
        mss = skb_shinfo(gso_skb)->gso_size;
        if (gso_skb->len <= sizeof(*uh) + mss)
                return ERR_PTR(-EINVAL);

+       if (skb_gso_ok(gso_skb, features | NETIF_F_GSO_ROBUST)) {
+               /* Packet is from an untrusted source, reset gso_segs. */
+               skb_shinfo(gso_skb)->gso_segs = DIV_ROUND_UP(gso_skb->len - 
sizeof(*uh),
+                                                            mss);
+               return NULL;
+       }
+
+       if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
+               return __udp_gso_segment_list(gso_skb, features, is_ipv6);
+
        skb_pull(gso_skb, sizeof(*uh));

        /* clear destructor to avoid skb_segment assigning it to tail */


Regards

taffit

Attachment: signature.asc
Description: PGP signature

Reply via email to