Eric Lee / smarc-fsl-linux-kernel

25 Sep, 2020

1 commit

  • e49d8c22f   net_sched: defer tcf_idr_insert() in tcf_action_init_1() ... Browse Code »

    All TC actions call tcf_idr_insert() for new action at the end
    of their ->init(), so we can actually move it to a central place
    in tcf_action_init_1().

    And once the action is inserted into the global IDR, other parallel
    process could free it immediately as its refcnt is still 1, so we can
    not fail after this, we need to move it after the goto action
    validation to avoid handling the failure case after insertion.

    This is found during code review, is not directly triggered by syzbot.
    And this prepares for the next patch.

    Cc: Vlad Buslov
    Cc: Jamal Hadi Salim
    Cc: Jiri Pirko
    Signed-off-by: Cong Wang
    Signed-off-by: David S. Miller

    Cong Wang
     

11 Jul, 2020

1 commit

04 Jul, 2020

1 commit

  • d7bf2ebeb   sched: consistently handle layer3 header accesses in the presence of VLANs ... Browse Code »

    There are a couple of places in net/sched/ that check skb->protocol and act
    on the value there. However, in the presence of VLAN tags, the value stored
    in skb->protocol can be inconsistent based on whether VLAN acceleration is
    enabled. The commit quoted in the Fixes tag below fixed the users of
    skb->protocol to use a helper that will always see the VLAN ethertype.

    However, most of the callers don't actually handle the VLAN ethertype, but
    expect to find the IP header type in the protocol field. This means that
    things like changing the ECN field, or parsing diffserv values, stops
    working if there's a VLAN tag, or if there are multiple nested VLAN
    tags (QinQ).

    To fix this, change the helper to take an argument that indicates whether
    the caller wants to skip the VLAN tags or not. When skipping VLAN tags, we
    make sure to skip all of them, so behaviour is consistent even in QinQ
    mode.

    To make the helper usable from the ECN code, move it to if_vlan.h instead
    of pkt_sched.h.

    v3:
    - Remove empty lines
    - Move vlan variable definitions inside loop in skb_protocol()
    - Also use skb_protocol() helper in IP{,6}_ECN_decapsulate() and
    bpf_skb_ecn_set_ce()

    v2:
    - Use eth_type_vlan() helper in skb_protocol()
    - Also fix code that reads skb->protocol directly
    - Change a couple of 'if/else if' statements to switch constructs to avoid
    calling the helper twice

    Reported-by: Ilya Ponetayev
    Fixes: d8b9605d2697 ("net: sched: fix skb->protocol use in case of accelerated vlan path")
    Signed-off-by: Toke Høiland-Jørgensen
    Signed-off-by: David S. Miller

    Toke Høiland-Jørgensen
     

20 Jun, 2020

1 commit

  • 4b61d3e8d   net: qos offload add flow status with dropped count ... Browse Code »

    This patch adds a drop frames counter to tc flower offloading.
    Reporting h/w dropped frames is necessary for some actions.
    Some actions like police action and the coming introduced stream gate
    action would produce dropped frames which is necessary for user. Status
    update shows how many filtered packets increasing and how many dropped
    in those packets.

    v2: Changes
    - Update commit comments suggest by Jiri Pirko.

    Signed-off-by: Po Liu
    Reviewed-by: Simon Horman
    Reviewed-by: Vlad Buslov
    Signed-off-by: David S. Miller

    Po Liu
     

27 Mar, 2020

1 commit

27 Nov, 2019

1 commit

  • 1ae78780e   Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip ... Browse Code »

    Pull RCU updates from Ingo Molnar:
    "The main changes in this cycle were:

    - Dynamic tick (nohz) updates, perhaps most notably changes to force
    the tick on when needed due to lengthy in-kernel execution on CPUs
    on which RCU is waiting.

    - Linux-kernel memory consistency model updates.

    - Replace rcu_swap_protected() with rcu_prepace_pointer().

    - Torture-test updates.

    - Documentation updates.

    - Miscellaneous fixes"

    * 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (51 commits)
    security/safesetid: Replace rcu_swap_protected() with rcu_replace_pointer()
    net/sched: Replace rcu_swap_protected() with rcu_replace_pointer()
    net/netfilter: Replace rcu_swap_protected() with rcu_replace_pointer()
    net/core: Replace rcu_swap_protected() with rcu_replace_pointer()
    bpf/cgroup: Replace rcu_swap_protected() with rcu_replace_pointer()
    fs/afs: Replace rcu_swap_protected() with rcu_replace_pointer()
    drivers/scsi: Replace rcu_swap_protected() with rcu_replace_pointer()
    drm/i915: Replace rcu_swap_protected() with rcu_replace_pointer()
    x86/kvm/pmu: Replace rcu_swap_protected() with rcu_replace_pointer()
    rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
    rcu: Suppress levelspread uninitialized messages
    rcu: Fix uninitialized variable in nocb_gp_wait()
    rcu: Update descriptions for rcu_future_grace_period tracepoint
    rcu: Update descriptions for rcu_nocb_wake tracepoint
    rcu: Remove obsolete descriptions for rcu_barrier tracepoint
    rcu: Ensure that ->rcu_urgent_qs is set before resched IPI
    workqueue: Convert for_each_wq to use built-in list check
    rcu: Several rcu_segcblist functions can be static
    rcu: Remove unused function hlist_bl_del_init_rcu()
    Documentation: Rename rcu_node_context_switch() to rcu_note_context_switch()
    ...

    Linus Torvalds
     

31 Oct, 2019

2 commits

  • e38226786   net: sched: update action implementations to support flags ... Browse Code »

    Extend struct tc_action with new "tcfa_flags" field. Set the field in
    tcf_idr_create() function and provide new helper
    tcf_idr_create_from_flags() that derives 'cpustats' boolean from flags
    value. Update individual hardware-offloaded actions init() to pass their
    "flags" argument to new helper in order to skip percpu stats allocation
    when user requested it through flags.

    Signed-off-by: Vlad Buslov
    Signed-off-by: David S. Miller

    Vlad Buslov
     
  • abbb0d336   net: sched: extend TCA_ACT space with TCA_ACT_FLAGS ... Browse Code »

    Extend TCA_ACT space with nla_bitfield32 flags. Add
    TCA_ACT_FLAGS_NO_PERCPU_STATS as the only allowed flag. Parse the flags in
    tcf_action_init_1() and pass resulting value as additional argument to
    a_o->init().

    Signed-off-by: Vlad Buslov
    Signed-off-by: David S. Miller

    Vlad Buslov
     

30 Oct, 2019

1 commit

  • 445d37493   net/sched: Replace rcu_swap_protected() with rcu_replace_pointer() ... Browse Code »

    This commit replaces the use of rcu_swap_protected() with the more
    intuitively appealing rcu_replace_pointer() as a step towards removing
    rcu_swap_protected().

    Link: https://lore.kernel.org/lkml/CAHk-=wiAsJLw1egFEE=Z7-GGtM6wcvtyytXZA1+BHqta4gg6Hw@mail.gmail.com/
    Reported-by: Linus Torvalds
    [ paulmck: From rcu_replace() to rcu_replace_pointer() per Ingo Molnar. ]
    Signed-off-by: Paul E. McKenney
    Cc: Jamal Hadi Salim
    Cc: Cong Wang
    Cc: Jiri Pirko
    Cc: "David S. Miller"
    Cc:
    Cc:

    Paul E. McKenney
     

28 Aug, 2019

1 commit

  • 981471bd3   net_sched: fix a NULL pointer deref in ipt action ... Browse Code »

    The net pointer in struct xt_tgdtor_param is not explicitly
    initialized therefore is still NULL when dereferencing it.
    So we have to find a way to pass the correct net pointer to
    ipt_destroy_target().

    The best way I find is just saving the net pointer inside the per
    netns struct tcf_idrinfo, which could make this patch smaller.

    Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset")
    Reported-and-tested-by: itugrok@yahoo.com
    Cc: Jamal Hadi Salim
    Cc: Jiri Pirko
    Signed-off-by: Cong Wang
    Signed-off-by: David S. Miller

    Cong Wang
     

09 Aug, 2019

1 commit

06 Aug, 2019

1 commit

  • 7be8ef2cd   net: sched: use temporary variable for actions indexes ... Browse Code »

    Currently init call of all actions (except ipt) init their 'parm'
    structure as a direct pointer to nla data in skb. This leads to race
    condition when some of the filter actions were initialized successfully
    (and were assigned with idr action index that was written directly
    into nla data), but then were deleted and retried (due to following
    action module missing or classifier-initiated retry), in which case
    action init code tries to insert action to idr with index that was
    assigned on previous iteration. During retry the index can be reused
    by another action that was inserted concurrently, which causes
    unintended action sharing between filters.
    To fix described race condition, save action idr index to temporary
    stack-allocated variable instead on nla data.

    Fixes: 0190c1d452a9 ("net: sched: atomically check-allocate action")
    Signed-off-by: Dmytro Linkin
    Signed-off-by: Vlad Buslov
    Acked-by: Cong Wang
    Signed-off-by: David S. Miller

    Dmytro Linkin
     

31 May, 2019

1 commit

  • 9952f6918   treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 ... Browse Code »

    Based on 1 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms and conditions of the gnu general public license
    version 2 as published by the free software foundation this program
    is distributed in the hope it will be useful but without any
    warranty without even the implied warranty of merchantability or
    fitness for a particular purpose see the gnu general public license
    for more details you should have received a copy of the gnu general
    public license along with this program if not see http www gnu org
    licenses

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-only

    has been chosen to replace the boilerplate/reference in 228 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Allison Randal
    Reviewed-by: Steve Winslow
    Reviewed-by: Richard Fontana
    Reviewed-by: Alexios Zavras
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190528171438.107155473@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

28 Apr, 2019

1 commit

  • 8cb081746   netlink: make validation more configurable for future strictness ... Browse Code »

    We currently have two levels of strict validation:

    1) liberal (default)
    - undefined (type >= max) & NLA_UNSPEC attributes accepted
    - attribute length >= expected accepted
    - garbage at end of message accepted
    2) strict (opt-in)
    - NLA_UNSPEC attributes accepted
    - attribute length >= expected accepted

    Split out parsing strictness into four different options:
    * TRAILING - check that there's no trailing data after parsing
    attributes (in message or nested)
    * MAXTYPE - reject attrs > max known type
    * UNSPEC - reject attributes with NLA_UNSPEC policy entries
    * STRICT_ATTRS - strictly validate attribute size

    The default for future things should be *everything*.
    The current *_strict() is a combination of TRAILING and MAXTYPE,
    and is renamed to _deprecated_strict().
    The current regular parsing has none of this, and is renamed to
    *_parse_deprecated().

    Additionally it allows us to selectively set one of the new flags
    even on old policies. Notably, the UNSPEC flag could be useful in
    this case, since it can be arranged (by filling in the policy) to
    not be an incompatible userspace ABI change, but would then going
    forward prevent forgetting attribute entries. Similar can apply
    to the POLICY flag.

    We end up with the following renames:
    * nla_parse -> nla_parse_deprecated
    * nla_parse_strict -> nla_parse_deprecated_strict
    * nlmsg_parse -> nlmsg_parse_deprecated
    * nlmsg_parse_strict -> nlmsg_parse_deprecated_strict
    * nla_parse_nested -> nla_parse_nested_deprecated
    * nla_validate_nested -> nla_validate_nested_deprecated

    Using spatch, of course:
    @@
    expression TB, MAX, HEAD, LEN, POL, EXT;
    @@
    -nla_parse(TB, MAX, HEAD, LEN, POL, EXT)
    +nla_parse_deprecated(TB, MAX, HEAD, LEN, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse_strict(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated_strict(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression TB, MAX, NLA, POL, EXT;
    @@
    -nla_parse_nested(TB, MAX, NLA, POL, EXT)
    +nla_parse_nested_deprecated(TB, MAX, NLA, POL, EXT)

    @@
    expression START, MAX, POL, EXT;
    @@
    -nla_validate_nested(START, MAX, POL, EXT)
    +nla_validate_nested_deprecated(START, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, MAX, POL, EXT;
    @@
    -nlmsg_validate(NLH, HDRLEN, MAX, POL, EXT)
    +nlmsg_validate_deprecated(NLH, HDRLEN, MAX, POL, EXT)

    For this patch, don't actually add the strict, non-renamed versions
    yet so that it breaks compile if I get it wrong.

    Also, while at it, make nla_validate and nla_parse go down to a
    common __nla_validate_parse() function to avoid code duplication.

    Ultimately, this allows us to have very strict validation for every
    new caller of nla_parse()/nlmsg_parse() etc as re-introduced in the
    next patch, while existing things will continue to work as is.

    In effect then, this adds fully strict validation for any new command.

    Signed-off-by: Johannes Berg
    Signed-off-by: David S. Miller

    Johannes Berg
     

22 Mar, 2019

2 commits

  • ec7727bb2   net/sched: act_skbedit: validate the control action inside init() ... Browse Code »

    the following script:

    # tc qdisc add dev crash0 clsact
    # tc filter add dev crash0 egress matchall \
    > action skbedit ptype host pass index 90
    # tc actions replace action skbedit \
    > ptype host goto chain 42 index 90 cookie c1a0c1a0
    # tc actions show action skbedit

    had the following output:

    Error: Failed to init TC action chain.
    We have an error talking to the kernel
    total acts 1

    action order 0: skbedit ptype host goto chain 42
    index 90 ref 2 bind 1
    cookie c1a0c1a0

    Then, the first packet transmitted by crash0 made the kernel crash:

    BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
    #PF error: [normal kernel read fault]
    PGD 0 P4D 0
    Oops: 0000 [#1] SMP PTI
    CPU: 3 PID: 3467 Comm: kworker/3:3 Not tainted 5.0.0-rc4.gotochain_crash+ #536
    Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
    Workqueue: ipv6_addrconf addrconf_dad_work
    RIP: 0010:tcf_action_exec+0xb8/0x100
    Code: 00 00 00 20 74 1d 83 f8 03 75 09 49 83 c4 08 4d 39 ec 75 bc 48 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f c3 49 8b 97 a8 00 00 00 8b 12 48 89 55 00 48 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f c3
    RSP: 0018:ffffb50a81e1fad0 EFLAGS: 00010246
    RAX: 000000002000002a RBX: ffff9aa47ba4ea00 RCX: 0000000000000001
    RDX: 0000000000000000 RSI: ffff9aa469eeb3c0 RDI: ffff9aa47ba4ea00
    RBP: ffffb50a81e1fb70 R08: 0000000000000000 R09: 0000000000000000
    R10: 0000000000000000 R11: ffff9aa47bce0638 R12: ffff9aa4793b0c00
    R13: ffff9aa4793b0c08 R14: 0000000000000001 R15: ffff9aa469eeb3c0
    FS: 0000000000000000(0000) GS:ffff9aa474780000(0000) knlGS:0000000000000000
    CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 0000000000000000 CR3: 000000007360e005 CR4: 00000000001606e0
    Call Trace:
    tcf_classify+0x58/0x120
    __dev_queue_xmit+0x40a/0x890
    ? ndisc_next_option+0x50/0x50
    ? ___neigh_create+0x4d5/0x680
    ? ip6_finish_output2+0x1b5/0x590
    ip6_finish_output2+0x1b5/0x590
    ? ip6_output+0x68/0x110
    ip6_output+0x68/0x110
    ? nf_hook.constprop.28+0x79/0xc0
    ndisc_send_skb+0x248/0x2e0
    ndisc_send_ns+0xf8/0x200
    ? addrconf_dad_work+0x389/0x4b0
    addrconf_dad_work+0x389/0x4b0
    ? __switch_to_asm+0x34/0x70
    ? process_one_work+0x195/0x380
    ? addrconf_dad_completed+0x370/0x370
    process_one_work+0x195/0x380
    worker_thread+0x30/0x390
    ? process_one_work+0x380/0x380
    kthread+0x113/0x130
    ? kthread_park+0x90/0x90
    ret_from_fork+0x35/0x40
    Modules linked in: act_skbedit veth ip6table_filter ip6_tables iptable_filter binfmt_misc crct10dif_pclmul crc32_pclmul ghash_clmulni_intel ext4 snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hwdep mbcache snd_hda_core jbd2 snd_seq snd_seq_device snd_pcm aesni_intel crypto_simd cryptd snd_timer glue_helper snd joydev soundcore pcspkr virtio_balloon i2c_piix4 nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs ata_generic pata_acpi qxl drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_net net_failover drm failover virtio_blk virtio_console ata_piix virtio_pci crc32c_intel serio_raw libata virtio_ring virtio floppy dm_mirror dm_region_hash dm_log dm_mod
    CR2: 0000000000000000

    Validating the control action within tcf_skbedit_init() proved to fix the
    above issue. A TDC selftest is added to verify the correct behavior.

    Fixes: db50514f9a9c ("net: sched: add termination action to allow goto chain")
    Fixes: 97763dc0f401 ("net_sched: reject unknown tcfa_action values")
    Signed-off-by: Davide Caratti
    Signed-off-by: David S. Miller

    Davide Caratti
     
  • 85d0966fa   net/sched: prepare TC actions to properly validate the control action ... Browse Code »

    - pass a pointer to struct tcf_proto in each actions's init() handler,
    to allow validating the control action, checking whether the chain
    exists and (eventually) refcounting it.
    - remove code that validates the control action after a successful call
    to the action's init() handler, and replace it with a test that forbids
    addition of actions having 'goto_chain' and NULL goto_chain pointer at
    the same time.
    - add tcf_action_check_ctrlact(), that will validate the control action
    and eventually allocate the action 'goto_chain' within the init()
    handler.
    - add tcf_action_set_ctrlact(), that will assign the control action and
    swap the current 'goto_chain' pointer with the new given one.

    This disallows 'goto_chain' on actions that don't initialize it properly
    in their init() handler, i.e. calling tcf_action_check_ctrlact() after
    successful IDR reservation and then calling tcf_action_set_ctrlact()
    to assign 'goto_chain' and 'tcf_action' consistently.

    By doing this, the kernel does not leak anymore refcounts when a valid
    'goto chain' handle is replaced in TC actions, causing kmemleak splats
    like the following one:

    # tc chain add dev dd0 chain 42 ingress protocol ip flower \
    > ip_proto tcp action drop
    # tc chain add dev dd0 chain 43 ingress protocol ip flower \
    > ip_proto udp action drop
    # tc filter add dev dd0 ingress matchall \
    > action gact goto chain 42 index 66
    # tc filter replace dev dd0 ingress matchall \
    > action gact goto chain 43 index 66
    # echo scan >/sys/kernel/debug/kmemleak

    unreferenced object 0xffff93c0ee09f000 (size 1024):
    comm "tc", pid 2565, jiffies 4295339808 (age 65.426s)
    hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    00 00 00 00 08 00 06 00 00 00 00 00 00 00 00 00 ................
    backtrace:
    [] tc_ctl_chain+0x3d2/0x4c0
    [] rtnetlink_rcv_msg+0x263/0x2d0
    [] netlink_rcv_skb+0x4a/0x110
    [] netlink_unicast+0x1a0/0x250
    [] netlink_sendmsg+0x2c1/0x3c0
    [] sock_sendmsg+0x36/0x40
    [] ___sys_sendmsg+0x280/0x2f0
    [] __sys_sendmsg+0x5e/0xa0
    [] do_syscall_64+0x5b/0x180
    [] entry_SYSCALL_64_after_hwframe+0x44/0xa9
    [] 0xffffffffffffffff

    Fixes: db50514f9a9c ("net: sched: add termination action to allow goto chain")
    Fixes: 97763dc0f401 ("net_sched: reject unknown tcfa_action values")
    Signed-off-by: Davide Caratti
    Signed-off-by: David S. Miller

    Davide Caratti
     

03 Mar, 2019

1 commit

25 Feb, 2019

1 commit

  • 6191da980   net/sched: act_skbedit: fix refcount leak when replace fails ... Browse Code »

    when act_skbedit was converted to use RCU in the data plane, we added an
    error path, but we forgot to drop the action refcount in case of failure
    during a 'replace' operation:

    # tc actions add action skbedit ptype otherhost pass index 100
    # tc action show action skbedit
    total acts 1

    action order 0: skbedit ptype otherhost pass
    index 100 ref 1 bind 0
    # tc actions replace action skbedit ptype otherhost drop index 100
    RTNETLINK answers: Cannot allocate memory
    We have an error talking to the kernel
    # tc action show action skbedit
    total acts 1

    action order 0: skbedit ptype otherhost pass
    index 100 ref 2 bind 0

    Ensure we call tcf_idr_release(), in case 'params_new' allocation failed,
    also when the action is being replaced.

    Fixes: c749cdda9089 ("net/sched: act_skbedit: don't use spinlock in the data path")
    Signed-off-by: Davide Caratti
    Signed-off-by: David S. Miller

    Davide Caratti
     

11 Feb, 2019

1 commit

  • eddd2cf19   net: Change TCA_ACT_* to TCA_ID_* to match that of TCA_ID_POLICE ... Browse Code »

    Modify the kernel users of the TCA_ACT_* macros to use TCA_ID_*. For
    example, use TCA_ID_GACT instead of TCA_ACT_GACT. This will align with
    TCA_ID_POLICE and also differentiates these identifier, used in struct
    tc_action_ops type field, from other macros starting with TCA_ACT_.

    To make things clearer, we name the enum defining the TCA_ID_*
    identifiers and also change the "type" field of struct tc_action to
    id.

    Signed-off-by: Eli Cohen
    Acked-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Eli Cohen
     

09 Sep, 2018

1 commit

  • 6d7a8df6d   net: sched: act_skbedit: remove dependency on rtnl lock ... Browse Code »

    According to the new locking rule, we have to take tcf_lock for both
    ->init() and ->dump(), as RTNL will be removed.

    Use tcf lock to protect skbedit action struct private data from concurrent
    modification in init and dump. Use rcu swap operation to reassign params
    pointer under protection of tcf lock. (old params value is not used by
    init, so there is no need of standalone rcu dereference step)

    Remove rtnl lock assertion that is no longer required.

    Signed-off-by: Vlad Buslov
    Signed-off-by: David S. Miller

    Vlad Buslov
     

01 Sep, 2018

1 commit

22 Aug, 2018

1 commit

  • 97a3f84f2   net_sched: remove unnecessary ops->delete() ... Browse Code »

    All ops->delete() wants is getting the tn->idrinfo, but we already
    have tc_action before calling ops->delete(), and tc_action has
    a pointer ->idrinfo.

    More importantly, each type of action does the same thing, that is,
    just calling tcf_idr_delete_index().

    So it can be just removed.

    Fixes: b409074e6693 ("net: sched: add 'delete' function to action ops")
    Cc: Jiri Pirko
    Cc: Vlad Buslov
    Signed-off-by: Cong Wang
    Signed-off-by: David S. Miller

    Cong Wang
     

14 Aug, 2018

1 commit

31 Jul, 2018

1 commit

  • 7fd4b288e   tc/act: remove unneeded RCU lock in action callback ... Browse Code »

    Each lockless action currently does its own RCU locking in ->act().
    This allows using plain RCU accessor, even if the context
    is really RCU BH.

    This change drops the per action RCU lock, replace the accessors
    with the _bh variant, cleans up a bit the surrounding code and
    documents the RCU status in the relevant header.
    No functional nor performance change is intended.

    The goal of this patch is clarifying that the RCU critical section
    used by the tc actions extends up to the classifier's caller.

    v1 -> v2:
    - preserve rcu lock in act_bpf: it's needed by eBPF helpers,
    as pointed out by Daniel

    v3 -> v4:
    - fixed some typos in the commit message (JiriP)

    Signed-off-by: Paolo Abeni
    Acked-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Paolo Abeni
     

13 Jul, 2018

2 commits

08 Jul, 2018

5 commits

  • 0190c1d45   net: sched: atomically check-allocate action ... Browse Code »

    Implement function that atomically checks if action exists and either takes
    reference to it, or allocates idr slot for action index to prevent
    concurrent allocations of actions with same index. Use EBUSY error pointer
    to indicate that idr slot is reserved.

    Implement cleanup helper function that removes temporary error pointer from
    idr. (in case of error between idr allocation and insertion of newly
    created action to specified index)

    Refactor all action init functions to insert new action to idr using this
    API.

    Reviewed-by: Marcelo Ricardo Leitner
    Signed-off-by: Vlad Buslov
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Vlad Buslov
     
  • 4e8ddd7f1   net: sched: don't release reference on action overwrite ... Browse Code »

    Return from action init function with reference to action taken,
    even when overwriting existing action.

    Action init API initializes its fourth argument (pointer to pointer to tc
    action) to either existing action with same index or newly created action.
    In case of existing index(and bind argument is zero), init function returns
    without incrementing action reference counter. Caller of action init then
    proceeds working with action, without actually holding reference to it.
    This means that action could be deleted concurrently.

    Change action init behavior to always take reference to action before
    returning successfully, in order to protect from concurrent deletion.

    Reviewed-by: Marcelo Ricardo Leitner
    Signed-off-by: Vlad Buslov
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Vlad Buslov
     
  • b409074e6   net: sched: add 'delete' function to action ops ... Browse Code »

    Extend action ops with 'delete' function. Each action type to implements
    its own delete function that doesn't depend on rtnl lock.

    Implement delete function that is required to delete actions without
    holding rtnl lock. Use action API function that atomically deletes action
    only if it is still in action idr. This implementation prevents concurrent
    threads from deleting same action twice.

    Reviewed-by: Marcelo Ricardo Leitner
    Signed-off-by: Vlad Buslov
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Vlad Buslov
     
  • 789871bb2   net: sched: implement unlocked action init API ... Browse Code »

    Add additional 'rtnl_held' argument to act API init functions. It is
    required to implement actions that need to release rtnl lock before loading
    kernel module and reacquire if afterwards.

    Reviewed-by: Marcelo Ricardo Leitner
    Signed-off-by: Vlad Buslov
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Vlad Buslov
     
  • 036bb4432   net: sched: change type of reference and bind counters ... Browse Code »

    Change type of action reference counter to refcount_t.

    Change type of action bind counter to atomic_t.
    This type is used to allow decrementing bind counter without testing
    for 0 result.

    Reviewed-by: Marcelo Ricardo Leitner
    Signed-off-by: Vlad Buslov
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Vlad Buslov
     

04 Jul, 2018

1 commit

  • e7e3728bd   net:sched: add action inheritdsfield to skbedit ... Browse Code »

    The new action inheritdsfield copies the field DS of
    IPv4 and IPv6 packets into skb->priority. This enables
    later classification of packets based on the DS field.

    v5:
    *Update the drop counter for TC_ACT_SHOT

    v4:
    *Not allow setting flags other than the expected ones.

    *Allow dumping the pure flags.

    v3:
    *Use optional flags, so that it won't break old versions of tc.

    *Allow users to set both SKBEDIT_F_PRIORITY and SKBEDIT_F_INHERITDSFIELD flags.

    v2:
    *Fix the style issue

    *Move the code from skbmod to skbedit

    Original idea by Jamal Hadi Salim

    Signed-off-by: Qiaobin Fu
    Reviewed-by: Michel Machado
    Acked-by: Jamal Hadi Salim
    Reviewed-by: Marcelo Ricardo Leitner
    Acked-by: Davide Caratti
    Signed-off-by: David S. Miller

    Qiaobin Fu
     

12 May, 2018

1 commit

  • af5d01842   net sched actions: fix invalid pointer dereferencing if skbedit flags missing ... Browse Code »

    When application fails to pass flags in netlink TLV for a new skbedit action,
    the kernel results in the following oops:

    [ 8.307732] BUG: unable to handle kernel paging request at 0000000000021130
    [ 8.309167] PGD 80000000193d1067 P4D 80000000193d1067 PUD 180e0067 PMD 0
    [ 8.310595] Oops: 0000 [#1] SMP PTI
    [ 8.311334] Modules linked in: kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel aes_x86_64 crypto_simd cryptd glue_helper serio_raw
    [ 8.314190] CPU: 1 PID: 397 Comm: tc Not tainted 4.17.0-rc3+ #357
    [ 8.315252] RIP: 0010:__tcf_idr_release+0x33/0x140
    [ 8.316203] RSP: 0018:ffffa0718038f840 EFLAGS: 00010246
    [ 8.317123] RAX: 0000000000000001 RBX: 0000000000021100 RCX: 0000000000000000
    [ 8.319831] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000021100
    [ 8.321181] RBP: 0000000000000000 R08: 000000000004adf8 R09: 0000000000000122
    [ 8.322645] R10: 0000000000000000 R11: ffffffff9e5b01ed R12: 0000000000000000
    [ 8.324157] R13: ffffffff9e0d3cc0 R14: 0000000000000000 R15: 0000000000000000
    [ 8.325590] FS: 00007f591292e700(0000) GS:ffff8fcf5bc40000(0000) knlGS:0000000000000000
    [ 8.327001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [ 8.327987] CR2: 0000000000021130 CR3: 00000000180e6004 CR4: 00000000001606a0
    [ 8.329289] Call Trace:
    [ 8.329735] tcf_skbedit_init+0xa7/0xb0
    [ 8.330423] tcf_action_init_1+0x362/0x410
    [ 8.331139] ? try_to_wake_up+0x44/0x430
    [ 8.331817] tcf_action_init+0x103/0x190
    [ 8.332511] tc_ctl_action+0x11a/0x220
    [ 8.333174] rtnetlink_rcv_msg+0x23d/0x2e0
    [ 8.333902] ? _cond_resched+0x16/0x40
    [ 8.334569] ? __kmalloc_node_track_caller+0x5b/0x2c0
    [ 8.335440] ? rtnl_calcit.isra.31+0xf0/0xf0
    [ 8.336178] netlink_rcv_skb+0xdb/0x110
    [ 8.336855] netlink_unicast+0x167/0x220
    [ 8.337550] netlink_sendmsg+0x2a7/0x390
    [ 8.338258] sock_sendmsg+0x30/0x40
    [ 8.338865] ___sys_sendmsg+0x2c5/0x2e0
    [ 8.339531] ? pagecache_get_page+0x27/0x210
    [ 8.340271] ? filemap_fault+0xa2/0x630
    [ 8.340943] ? page_add_file_rmap+0x108/0x200
    [ 8.341732] ? alloc_set_pte+0x2aa/0x530
    [ 8.342573] ? finish_fault+0x4e/0x70
    [ 8.343332] ? __handle_mm_fault+0xbc1/0x10d0
    [ 8.344337] ? __sys_sendmsg+0x53/0x80
    [ 8.345040] __sys_sendmsg+0x53/0x80
    [ 8.345678] do_syscall_64+0x4f/0x100
    [ 8.346339] entry_SYSCALL_64_after_hwframe+0x44/0xa9
    [ 8.347206] RIP: 0033:0x7f591191da67
    [ 8.347831] RSP: 002b:00007fff745abd48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
    [ 8.349179] RAX: ffffffffffffffda RBX: 00007fff745abe70 RCX: 00007f591191da67
    [ 8.350431] RDX: 0000000000000000 RSI: 00007fff745abdc0 RDI: 0000000000000003
    [ 8.351659] RBP: 000000005af35251 R08: 0000000000000001 R09: 0000000000000000
    [ 8.352922] R10: 00000000000005f1 R11: 0000000000000246 R12: 0000000000000000
    [ 8.354183] R13: 00007fff745afed0 R14: 0000000000000001 R15: 00000000006767c0
    [ 8.355400] Code: 41 89 d4 53 89 f5 48 89 fb e8 aa 20 fd ff 85 c0 0f 84 ed 00
    00 00 48 85 db 0f 84 cf 00 00 00 40 84 ed 0f 85 cd 00 00 00 45 84 e4 53 30
    74 0d 85 d2 b8 ff ff ff ff 0f 8f b3 00 00 00 8b 43 2c
    [ 8.358699] RIP: __tcf_idr_release+0x33/0x140 RSP: ffffa0718038f840
    [ 8.359770] CR2: 0000000000021130
    [ 8.360438] ---[ end trace 60c66be45dfc14f0 ]---

    The caller calls action's ->init() and passes pointer to "struct tc_action *a",
    which later may be initialized to point at the existing action, otherwise
    "struct tc_action *a" is still invalid, and therefore dereferencing it is an
    error as happens in tcf_idr_release, where refcnt is decremented.

    So in case of missing flags tcf_idr_release must be called only for
    existing actions.

    v2:
    - prepare patch for net tree

    Fixes: 5e1567aeb7fe ("net sched: skbedit action fix late binding")
    Signed-off-by: Roman Mashak
    Acked-by: Cong Wang
    Signed-off-by: David S. Miller

    Roman Mashak
     

28 Mar, 2018

1 commit

28 Feb, 2018

1 commit

  • 685ecfb19   net: Convert tc_action_net_init() and tc_action_net_exit() based pernet_operations ... Browse Code »

    These pernet_operations are from net/sched directory, and they call only
    tc_action_net_init() and tc_action_net_exit():

    bpf_net_ops
    connmark_net_ops
    csum_net_ops
    gact_net_ops
    ife_net_ops
    ipt_net_ops
    xt_net_ops
    mirred_net_ops
    nat_net_ops
    pedit_net_ops
    police_net_ops
    sample_net_ops
    simp_net_ops
    skbedit_net_ops
    skbmod_net_ops
    tunnel_key_net_ops
    vlan_net_ops

    1)tc_action_net_init() just allocates and initializes per-net memory.
    2)There should not be in-flight packets at the time of tc_action_net_exit()
    call, or another pernet_operations send packets to dying net (except
    netlink). So, it seems they can be marked as async.

    Signed-off-by: Kirill Tkhai
    Signed-off-by: David S. Miller

    Kirill Tkhai
     

17 Feb, 2018

4 commits

14 Dec, 2017

1 commit