{"id":811000,"url":"http://patchwork.ozlabs.org/api/patches/811000/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/patch/150478759310.28665.17184783248584070473.stgit@firesoul/","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null,"list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<150478759310.28665.17184783248584070473.stgit@firesoul>","list_archive_url":null,"date":"2017-09-07T12:33:13","name":"[V2,net-next,1/2] xdp: implement xdp_redirect_map for generic XDP","commit_ref":null,"pull_url":null,"state":"deferred","archived":true,"hash":"f806de3e5ac23b15a8c2cac151da23c7983bb904","submitter":{"id":13625,"url":"http://patchwork.ozlabs.org/api/people/13625/?format=json","name":"Jesper Dangaard Brouer","email":"brouer@redhat.com"},"delegate":{"id":34,"url":"http://patchwork.ozlabs.org/api/users/34/?format=json","username":"davem","first_name":"David","last_name":"Miller","email":"davem@davemloft.net"},"mbox":"http://patchwork.ozlabs.org/project/netdev/patch/150478759310.28665.17184783248584070473.stgit@firesoul/mbox/","series":[{"id":1995,"url":"http://patchwork.ozlabs.org/api/series/1995/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/list/?series=1995","date":"2017-09-07T12:33:08","name":"Fixes for XDP_REDIRECT map","version":2,"mbox":"http://patchwork.ozlabs.org/series/1995/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/811000/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/811000/checks/","tags":{},"related":[],"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","ext-mx07.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none) header.from=redhat.com","ext-mx07.extmail.prod.ext.phx2.redhat.com;\n\tspf=fail smtp.mailfrom=brouer@redhat.com"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xp0H40wMMz9s81\n\tfor <patchwork-incoming@ozlabs.org>;\n\tThu,  7 Sep 2017 22:33:20 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S932095AbdIGMdS (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tThu, 7 Sep 2017 08:33:18 -0400","from mx1.redhat.com ([209.132.183.28]:57922 \"EHLO mx1.redhat.com\"\n\trhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP\n\tid S1755228AbdIGMdR (ORCPT <rfc822;netdev@vger.kernel.org>);\n\tThu, 7 Sep 2017 08:33:17 -0400","from smtp.corp.redhat.com\n\t(int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id 1D45BC04B31B;\n\tThu,  7 Sep 2017 12:33:17 +0000 (UTC)","from firesoul.localdomain (ovpn-200-42.brq.redhat.com\n\t[10.40.200.42])\n\tby smtp.corp.redhat.com (Postfix) with ESMTP id 08CDA17D59;\n\tThu,  7 Sep 2017 12:33:14 +0000 (UTC)","from [192.168.5.1] (localhost [IPv6:::1])\n\tby firesoul.localdomain (Postfix) with ESMTP id 2FF2A3073EC87;\n\tThu,  7 Sep 2017 14:33:13 +0200 (CEST)"],"DMARC-Filter":"OpenDMARC Filter v1.3.2 mx1.redhat.com 1D45BC04B31B","Subject":"[V2 PATCH net-next 1/2] xdp: implement xdp_redirect_map for generic\n\tXDP","From":"Jesper Dangaard Brouer <brouer@redhat.com>","To":"netdev@vger.kernel.org, \"David S. Miller\" <davem@davemloft.net>","Cc":"Daniel Borkmann <borkmann@iogearbox.net>,\n\tJohn Fastabend <john.fastabend@gmail.com>,\n\tAndy Gospodarek <andy@greyhouse.net>,\n\tJesper Dangaard Brouer <brouer@redhat.com>","Date":"Thu, 07 Sep 2017 14:33:13 +0200","Message-ID":"<150478759310.28665.17184783248584070473.stgit@firesoul>","In-Reply-To":"<150478756604.28665.6915020425359475729.stgit@firesoul>","References":"<150478756604.28665.6915020425359475729.stgit@firesoul>","User-Agent":"StGit/0.17.1-dirty","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"7bit","X-Scanned-By":"MIMEDefang 2.79 on 10.5.11.14","X-Greylist":"Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.31]);\n\tThu, 07 Sep 2017 12:33:17 +0000 (UTC)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"Using bpf_redirect_map is allowed for generic XDP programs, but the\nappropriate map lookup was never performed in xdp_do_generic_redirect().\n\nInstead the map-index is directly used as the ifindex.  For the\nxdp_redirect_map sample in SKB-mode '-S', this resulted in trying\nsending on ifindex 0 which isn't valid, resulting in getting SKB\npackets dropped.  Thus, the reported performance numbers are wrong in\ncommit 24251c264798 (\"samples/bpf: add option for native and skb mode\nfor redirect apps\") for the 'xdp_redirect_map -S' case.\n\nIt might seem innocent this was lacking, but it can actually crash the\nkernel.  The potential crash is caused by not consuming redirect_info->map.\nThe bpf_redirect_map helper will set this_cpu_ptr(&redirect_info)->map\npointer, which will survive even after unloading the xdp bpf_prog and\ndeallocating the devmap data-structure.  This leaves a dead map\npointer around.  The kernel will crash when loading the xdp_redirect\nsample (in native XDP mode) as it doesn't reset map (via bpf_redirect)\nand returns XDP_REDIRECT, which will cause it to dereference the map\npointer.\n\nFixes: 6103aa96ec07 (\"net: implement XDP_REDIRECT for xdp generic\")\nFixes: 24251c264798 (\"samples/bpf: add option for native and skb mode for redirect apps\")\nSigned-off-by: Jesper Dangaard Brouer <brouer@redhat.com>\n---\n include/trace/events/xdp.h |    4 ++--\n net/core/filter.c          |   14 +++++++++++---\n 2 files changed, 13 insertions(+), 5 deletions(-)","diff":"diff --git a/include/trace/events/xdp.h b/include/trace/events/xdp.h\nindex 862575ac8da9..4e16c43fba10 100644\n--- a/include/trace/events/xdp.h\n+++ b/include/trace/events/xdp.h\n@@ -138,11 +138,11 @@ DEFINE_EVENT_PRINT(xdp_redirect_template, xdp_redirect_map_err,\n \n #define _trace_xdp_redirect_map(dev, xdp, fwd, map, idx)\t\t\\\n \t trace_xdp_redirect_map(dev, xdp, fwd ? fwd->ifindex : 0,\t\\\n-\t\t\t\t0, map, idx);\n+\t\t\t\t0, map, idx)\n \n #define _trace_xdp_redirect_map_err(dev, xdp, fwd, map, idx, err)\t\\\n \t trace_xdp_redirect_map_err(dev, xdp, fwd ? fwd->ifindex : 0,\t\\\n-\t\t\t\t    err, map, idx);\n+\t\t\t\t    err, map, idx)\n \n #endif /* _TRACE_XDP_H */\n \ndiff --git a/net/core/filter.c b/net/core/filter.c\nindex 5912c738a7b2..3767470cab6c 100644\n--- a/net/core/filter.c\n+++ b/net/core/filter.c\n@@ -2566,13 +2566,19 @@ int xdp_do_generic_redirect(struct net_device *dev, struct sk_buff *skb,\n \t\t\t    struct bpf_prog *xdp_prog)\n {\n \tstruct redirect_info *ri = this_cpu_ptr(&redirect_info);\n+\tstruct bpf_map *map = ri->map;\n \tu32 index = ri->ifindex;\n \tstruct net_device *fwd;\n \tunsigned int len;\n \tint err = 0;\n \n-\tfwd = dev_get_by_index_rcu(dev_net(dev), index);\n \tri->ifindex = 0;\n+\tri->map = NULL;\n+\n+\tif (map)\n+\t\tfwd = __dev_map_lookup_elem(map, index);\n+\telse\n+\t\tfwd = dev_get_by_index_rcu(dev_net(dev), index);\n \tif (unlikely(!fwd)) {\n \t\terr = -EINVAL;\n \t\tgoto err;\n@@ -2590,10 +2596,12 @@ int xdp_do_generic_redirect(struct net_device *dev, struct sk_buff *skb,\n \t}\n \n \tskb->dev = fwd;\n-\t_trace_xdp_redirect(dev, xdp_prog, index);\n+\tmap ? _trace_xdp_redirect_map(dev, xdp_prog, fwd, map, index)\n+\t\t: _trace_xdp_redirect(dev, xdp_prog, index);\n \treturn 0;\n err:\n-\t_trace_xdp_redirect_err(dev, xdp_prog, index, err);\n+\tmap ? _trace_xdp_redirect_map_err(dev, xdp_prog, fwd, map, index, err)\n+\t\t: _trace_xdp_redirect_err(dev, xdp_prog, index, err);\n \treturn err;\n }\n EXPORT_SYMBOL_GPL(xdp_do_generic_redirect);\n","prefixes":["V2","net-next","1/2"]}