From patchwork Fri May 10 15:45:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Valerio X-Patchwork-Id: 1933907 X-Patchwork-Delegate: horms@verge.net.au Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHxR7ipG; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VbYC82FNJz1ymg for ; Sat, 11 May 2024 01:46:28 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id C10128378C; Fri, 10 May 2024 15:46:21 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id ofpSkuO3Nl1d; Fri, 10 May 2024 15:46:21 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org D053F845EC Authentication-Results: smtp1.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHxR7ipG Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp1.osuosl.org (Postfix) with ESMTPS id D053F845EC; Fri, 10 May 2024 15:46:20 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8B13DC0072; Fri, 10 May 2024 15:46:20 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id DE911C0037 for ; Fri, 10 May 2024 15:46:19 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id CD7DC42B15 for ; Fri, 10 May 2024 15:46:19 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id RtKDUkSoiUzy for ; Fri, 10 May 2024 15:46:19 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=pvalerio@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org 8DCA940283 Authentication-Results: smtp2.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 8DCA940283 Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CHxR7ipG Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 8DCA940283 for ; Fri, 10 May 2024 15:46:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1715355977; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=q2DBWpJAePSMzkJ6ofdJxpK4iZ5gxBhx+UpZJZ5oBIM=; b=CHxR7ipG9VhbAWkHrk0ldJEyArdX3XjkZvG5Qx8zEsLeG7k4Su9J0LqqRymW05ljLSEraj 7dejpr7zvPDzHH6dWGuZhww33tDiJQU+aSUSdAoZ/2O+CZoTp9gGx/JRLMs5w+JdDfvFAj nek+46rIHOXEY+vCH0Wk+SjrbYsmDIU= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-330-ZX5eEaRWM32Ob9XAT6kN6Q-1; Fri, 10 May 2024 11:46:16 -0400 X-MC-Unique: ZX5eEaRWM32Ob9XAT6kN6Q-1 Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-572b02c68b0so253619a12.1 for ; Fri, 10 May 2024 08:46:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715355975; x=1715960775; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=q2DBWpJAePSMzkJ6ofdJxpK4iZ5gxBhx+UpZJZ5oBIM=; b=NjTnfQHO8WaaneEMIhPj+nOuPr+PSPmgY/Fcg8g1smWV5ecWp3sRaccGEWNjsHaTQb SrNHBagnCjq01Ip2jV+PrC0OuYPzKp7fk0HPJ2WfPwRpTIoeYpQXrajKrAcjSquGFQuq UKMHlNR7qy9JNIzqAe4Uvdpb4FLGKOgvch7sxF0sA5ay0+4BCyU9LpsYsRdQnEn0/O37 ffBY6lv6sDs8ziF3y0SSEs/T9D+gIgDmvBlmDO7I66XNTdHkAJMBZ1IXywdckuqOiZ19 PyogmWtVIqfqoLBgmWpUH/RrLy58phZJBVF1jYPhgVFzBCBt3q/et9WgsDWFOThOKn0Q AAoA== X-Gm-Message-State: AOJu0YxjqkardE5bqnZf6zcl4h9n+DFr4QOWbmXwpfN5DPHN1LuLOTJp lKWUFisUoiXPy6ljLkgEUmvsYIj11Bd3yxJKisXizW0okJndPhH6YRAcxOr3JzBqx8Ywf8tWEB+ miMVxDCE2+no4Rg87UgwZyBwtj5fAQ2UXhMfSVB6CYxV/nGk2Z/xud70ZoTjb8OTOJ3I9NR6Tqt 2aqSc8nuYd07OO5Kkrq3MZ/aTsI4pFFIjcSun4ZnU= X-Received: by 2002:a17:906:f84e:b0:a5a:7a1:5da6 with SMTP id a640c23a62f3a-a5a2d668d83mr224944066b.3.1715355974729; Fri, 10 May 2024 08:46:14 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHDSoxN/kWrEba0dFb2irmICBSxMHAuiQsniHvjD5PHpgwNFghOKWPj021wC8hA9ridPjsbyQ== X-Received: by 2002:a17:906:f84e:b0:a5a:7a1:5da6 with SMTP id a640c23a62f3a-a5a2d668d83mr224942166b.3.1715355974214; Fri, 10 May 2024 08:46:14 -0700 (PDT) Received: from localhost (net-2-35-80-241.cust.vodafonedsl.it. [2.35.80.241]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a5a179c7d9dsm195724366b.132.2024.05.10.08.46.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 10 May 2024 08:46:13 -0700 (PDT) From: Paolo Valerio To: ovs-dev@openvswitch.org Date: Fri, 10 May 2024 17:45:54 +0200 Message-ID: <20240510154554.109617-1-pvalerio@redhat.com> X-Mailer: git-send-email 2.45.0 MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH v2] conntrack: Fully initialize conn struct before insertion. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Mike Pattrick In case packets are concurrently received in both directions, there's a chance that the ones in the reverse direction get received right after the connection gets added to the connection tracker but before some of the connection's fields are fully initialized. This could cause OVS to access potentially invalid, as the lookup may end up retrieving the wrong offsets during CONTAINER_OF(), or uninitialized memory. This may happen in case of regular NAT or all-zero SNAT. Fix it by initializing early the connections fields. Fixes: 1116459b3ba8 ("conntrack: Remove nat_conn introducing key directionality.") Reported-at: https://issues.redhat.com/browse/FDP-616 Signed-off-by: Mike Pattrick Co-authored-by: Paolo Valerio Signed-off-by: Paolo Valerio Acked-by: Simon Horman --- lib/conntrack.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/lib/conntrack.c b/lib/conntrack.c index 16e1c8bb5..5fdfe98de 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -947,6 +947,18 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt, nc->parent_key = alg_exp->parent_key; } + ovs_mutex_init_adaptive(&nc->lock); + atomic_flag_clear(&nc->reclaimed); + fwd_key_node->dir = CT_DIR_FWD; + rev_key_node->dir = CT_DIR_REV; + + if (zl) { + nc->admit_zone = zl->czl.zone; + nc->zone_limit_seq = zl->czl.zone_limit_seq; + } else { + nc->admit_zone = INVALID_ZONE; + } + if (nat_action_info) { nc->nat_action = nat_action_info->nat_action; @@ -972,22 +984,16 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt, &rev_key_node->cm_node, rev_hash); } - ovs_mutex_init_adaptive(&nc->lock); - atomic_flag_clear(&nc->reclaimed); - fwd_key_node->dir = CT_DIR_FWD; - rev_key_node->dir = CT_DIR_REV; cmap_insert(&ct->conns[ctx->key.zone], &fwd_key_node->cm_node, ctx->hash); conn_expire_push_front(ct, nc); atomic_count_inc(&ct->n_conn); - ctx->conn = nc; /* For completeness. */ + if (zl) { - nc->admit_zone = zl->czl.zone; - nc->zone_limit_seq = zl->czl.zone_limit_seq; atomic_count_inc(&zl->czl.count); - } else { - nc->admit_zone = INVALID_ZONE; } + + ctx->conn = nc; /* For completeness. */ } return nc;