lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 24 Apr 2019 11:40:40 -0600
From:   David Ahern <dsahern@...il.com>
To:     "Michael S. Tsirkin" <mst@...hat.com>
Cc:     makita.toshiaki@....ntt.co.jp,
        Jesper Dangaard Brouer <brouer@...hat.com>,
        Toke Høiland-Jørgensen <toke@...e.dk>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Jason Wang <jasowang@...hat.com>
Subject: Re: virtio_net: suspicious RCU usage with xdp

On 4/24/19 11:37 AM, Michael S. Tsirkin wrote:
> diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
> index 9010938e2d71..ccc1bdd1bb1f 100644
> --- a/drivers/net/virtio_net.c
> +++ b/drivers/net/virtio_net.c
> @@ -495,8 +495,8 @@ static struct send_queue *virtnet_xdp_sq(struct virtnet_info *vi)
>  	return &vi->sq[qp];
>  }
>  
> -static int virtnet_xdp_xmit(struct net_device *dev,
> -			    int n, struct xdp_frame **frames, u32 flags)
> +static int __virtnet_xdp_xmit(struct net_device *dev,
> +			      int n, struct xdp_frame **frames, u32 flags)
>  {
>  	struct virtnet_info *vi = netdev_priv(dev);
>  	struct receive_queue *rq = vi->rq;
> @@ -569,6 +569,17 @@ static int virtnet_xdp_xmit(struct net_device *dev,
>  	return ret;
>  }
>  
> +static int virtnet_xdp_xmit(struct net_device *dev,
> +			    int n, struct xdp_frame **frames, u32 flags)
> +{
> +	int r;
> +
> +	rcu_read_lock_bh();
> +	r = __virtnet_xdp_xmit(dev, n, frames, flags);
> +	rcu_read_unlock_bh();
> +	return r;
> +}
> +
>  static unsigned int virtnet_get_headroom(struct virtnet_info *vi)
>  {
>  	return vi->xdp_queue_pairs ? VIRTIO_XDP_HEADROOM : 0;
> @@ -714,7 +725,7 @@ static struct sk_buff *receive_small(struct net_device *dev,

receive_small takes the rcu lock at the beginning.


>  			xdpf = convert_to_xdp_frame(&xdp);
>  			if (unlikely(!xdpf))
>  				goto err_xdp;
> -			err = virtnet_xdp_xmit(dev, 1, &xdpf, 0);
> +			err = __virtnet_xdp_xmit(dev, 1, &xdpf, 0);
>  			if (unlikely(err < 0)) {
>  				trace_xdp_exception(vi->dev, xdp_prog, act);
>  				goto err_xdp;
> @@ -887,7 +898,7 @@ static struct sk_buff *receive_mergeable(struct net_device *dev,

same here.
>  			xdpf = convert_to_xdp_frame(&xdp);
>  			if (unlikely(!xdpf))
>  				goto err_xdp;
> -			err = virtnet_xdp_xmit(dev, 1, &xdpf, 0);
> +			err = __virtnet_xdp_xmit(dev, 1, &xdpf, 0);
>  			if (unlikely(err < 0)) {
>  				trace_xdp_exception(vi->dev, xdp_prog, act);
>  				if (unlikely(xdp_page != page))
> 
> 

bq_xmit_all is invoking the xdp_xmit callback without taking the rcu
lock, but from the git history does not appear to have any recent changes.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ