lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 15 Sep 2020 15:15:48 +0300
From:   Moshe Shemesh <moshe@...dia.com>
To:     Jiri Pirko <jiri@...nulli.us>, Moshe Shemesh <moshe@...lanox.com>
CC:     "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Jiri Pirko <jiri@...lanox.com>, <netdev@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH net-next RFC v4 02/15] devlink: Add reload action limit
 level


On 9/14/2020 4:10 PM, Jiri Pirko wrote:
> Mon, Sep 14, 2020 at 08:07:49AM CEST, moshe@...lanox.com wrote:
> 		
> [..]
>
> 	
>> diff --git a/include/net/devlink.h b/include/net/devlink.h
>> index b09db891db04..dddd9ee5b8a9 100644
>> --- a/include/net/devlink.h
>> +++ b/include/net/devlink.h
>> @@ -1012,9 +1012,13 @@ enum devlink_trap_group_generic_id {
>>
>> struct devlink_ops {
>> 	unsigned long supported_reload_actions;
>> +	unsigned long supported_reload_action_limit_levels;
>> 	int (*reload_down)(struct devlink *devlink, bool netns_change,
>> -			   enum devlink_reload_action action, struct netlink_ext_ack *extack);
>> +			   enum devlink_reload_action action,
>> +			   enum devlink_reload_action_limit_level limit_level,
>> +			   struct netlink_ext_ack *extack);
>> 	int (*reload_up)(struct devlink *devlink, enum devlink_reload_action action,
>> +			 enum devlink_reload_action_limit_level limit_level,
>> 			 struct netlink_ext_ack *extack, unsigned long *actions_performed);
>> 	int (*port_type_set)(struct devlink_port *devlink_port,
>> 			     enum devlink_port_type port_type);
>> diff --git a/include/uapi/linux/devlink.h b/include/uapi/linux/devlink.h
>> index a6f64db0bdf3..b19686fd80ff 100644
>> --- a/include/uapi/linux/devlink.h
>> +++ b/include/uapi/linux/devlink.h
>> @@ -287,6 +287,22 @@ enum devlink_reload_action {
>> 	DEVLINK_RELOAD_ACTION_MAX = __DEVLINK_RELOAD_ACTION_MAX - 1
>> };
>>
>> +/**
>> + * enum devlink_reload_action_limit_level - Reload action limit level.
>> + * @DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NONE: No constrains on action. Action may include
>> + *                                          reset or downtime as needed.
>> + * @DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NO_RESET: No reset allowed, no down time allowed,
>> + *                                              no link flap and no configuration is lost.
>> + */
>> +enum devlink_reload_action_limit_level {
>> +	DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NONE,
>> +	DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NO_RESET,
>> +
>> +	/* Add new reload actions limit level above */
>> +	__DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_MAX,
>> +	DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_MAX = __DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_MAX - 1
>> +};
>> +
>> enum devlink_attr {
>> 	/* don't change the order or add anything between, this is ABI! */
>> 	DEVLINK_ATTR_UNSPEC,
>> @@ -478,6 +494,7 @@ enum devlink_attr {
>>
>> 	DEVLINK_ATTR_RELOAD_ACTION,		/* u8 */
>> 	DEVLINK_ATTR_RELOAD_ACTIONS_PERFORMED,	/* nested */
>> +	DEVLINK_ATTR_RELOAD_ACTION_LIMIT_LEVEL,	/* u8 */
>>
>> 	/* add new attributes above here, update the policy in devlink.c */
>>
>> diff --git a/net/core/devlink.c b/net/core/devlink.c
>> index f4be1e1bf864..60aa0c4a3726 100644
>> --- a/net/core/devlink.c
>> +++ b/net/core/devlink.c
>> @@ -468,6 +468,13 @@ devlink_reload_action_is_supported(struct devlink *devlink, enum devlink_reload_
>> 	return test_bit(action, &devlink->ops->supported_reload_actions);
>> }
>>
>> +static bool
>> +devlink_reload_action_limit_level_is_supported(struct devlink *devlink,
>> +					       enum devlink_reload_action_limit_level limit_level)
>> +{
>> +	return test_bit(limit_level, &devlink->ops->supported_reload_action_limit_levels);
>> +}
>> +
>> static int devlink_nl_fill(struct sk_buff *msg, struct devlink *devlink,
>> 			   enum devlink_command cmd, u32 portid,
>> 			   u32 seq, int flags)
>> @@ -2975,22 +2982,23 @@ bool devlink_is_reload_failed(const struct devlink *devlink)
>> EXPORT_SYMBOL_GPL(devlink_is_reload_failed);
>>
>> static int devlink_reload(struct devlink *devlink, struct net *dest_net,
>> -			  enum devlink_reload_action action, struct netlink_ext_ack *extack,
>> -			  unsigned long *actions_performed)
>> +			  enum devlink_reload_action action,
>> +			  enum devlink_reload_action_limit_level limit_level,
>> +			  struct netlink_ext_ack *extack, unsigned long *actions_performed)
>> {
>> 	int err;
>>
>> 	if (!devlink->reload_enabled)
>> 		return -EOPNOTSUPP;
>>
>> -	err = devlink->ops->reload_down(devlink, !!dest_net, action, extack);
>> +	err = devlink->ops->reload_down(devlink, !!dest_net, action, limit_level, extack);
>> 	if (err)
>> 		return err;
>>
>> 	if (dest_net && !net_eq(dest_net, devlink_net(devlink)))
>> 		devlink_reload_netns_change(devlink, dest_net);
>>
>> -	err = devlink->ops->reload_up(devlink, action, extack, actions_performed);
>> +	err = devlink->ops->reload_up(devlink, action, limit_level, extack, actions_performed);
>> 	devlink_reload_failed_set(devlink, !!err);
>> 	return err;
>> }
>> @@ -3036,6 +3044,7 @@ devlink_nl_reload_actions_performed_fill(struct sk_buff *msg,
>>
>> static int devlink_nl_cmd_reload(struct sk_buff *skb, struct genl_info *info)
>> {
>> +	enum devlink_reload_action_limit_level limit_level;
>> 	struct devlink *devlink = info->user_ptr[0];
>> 	enum devlink_reload_action action;
>> 	unsigned long actions_performed;
>> @@ -3073,7 +3082,20 @@ static int devlink_nl_cmd_reload(struct sk_buff *skb, struct genl_info *info)
>> 		return -EOPNOTSUPP;
>> 	}
>>
>> -	err = devlink_reload(devlink, dest_net, action, info->extack, &actions_performed);
>> +	if (info->attrs[DEVLINK_ATTR_RELOAD_ACTION_LIMIT_LEVEL])
>> +		limit_level = nla_get_u8(info->attrs[DEVLINK_ATTR_RELOAD_ACTION_LIMIT_LEVEL]);
>> +	else
>> +		limit_level = DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NONE;
>> +
>> +	if (limit_level > DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_MAX) {
> Again, not needed, devlink_reload_action_limit_level_is_supported() will
> take case of it.
Ack.
>> +		NL_SET_ERR_MSG_MOD(info->extack, "Invalid limit level");
>> +		return -EINVAL;
>> +	} else if (!devlink_reload_action_limit_level_is_supported(devlink, limit_level)) {
>> +		NL_SET_ERR_MSG_MOD(info->extack, "Requested limit level is not supported");
> "..by the driver"?
Ack.
>
>> +		return -EOPNOTSUPP;
>> +	}
>> +	err = devlink_reload(devlink, dest_net, action, limit_level, info->extack,
>> +			     &actions_performed);
>>
>> 	if (dest_net)
>> 		put_net(dest_net);
>> @@ -7126,6 +7148,7 @@ static const struct nla_policy devlink_nl_policy[DEVLINK_ATTR_MAX + 1] = {
>> 	[DEVLINK_ATTR_TRAP_POLICER_BURST] = { .type = NLA_U64 },
>> 	[DEVLINK_ATTR_PORT_FUNCTION] = { .type = NLA_NESTED },
>> 	[DEVLINK_ATTR_RELOAD_ACTION] = { .type = NLA_U8 },
>> +	[DEVLINK_ATTR_RELOAD_ACTION_LIMIT_LEVEL] = { .type = NLA_U8 },
>> };
>>
>> static const struct genl_ops devlink_nl_ops[] = {
>> @@ -7462,6 +7485,10 @@ static int devlink_reload_actions_verify(struct devlink *devlink)
>> 	if (WARN_ON(ops->supported_reload_actions >= BIT(__DEVLINK_RELOAD_ACTION_MAX) ||
>> 		    ops->supported_reload_actions <= BIT(DEVLINK_RELOAD_ACTION_UNSPEC)))
>> 		return -EINVAL;
>> +	if (WARN_ON(!ops->supported_reload_action_limit_levels ||
>> +		    ops->supported_reload_action_limit_levels >=
>> +		    BIT(__DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_MAX)))
>> +		return -EINVAL;
> I think that you can check some insane driver combinations like:
> supports only driver-reinit, supports LEVEL_NO_RESET - that is
> impossible and should be refused here.
>
> Same goes to the actual user command call. If the user calls for
> driver-reinit with LEVEL_NO_RESET, devlink should refuse with proper
> extack


I actually holds a counter for this combination too, we said no_reset 
can apply to any action, but not really.

>
>> 	return 0;
>> }
>>
>> @@ -9756,7 +9783,8 @@ static void __net_exit devlink_pernet_pre_exit(struct net *net)
>> 			if (WARN_ON(!devlink_reload_supported(devlink)))
>> 				continue;
>> 			err = devlink_reload(devlink, &init_net,
>> -					     DEVLINK_RELOAD_ACTION_DRIVER_REINIT, NULL, NULL);
>> +					     DEVLINK_RELOAD_ACTION_DRIVER_REINIT,
>> +					     DEVLINK_RELOAD_ACTION_LIMIT_LEVEL_NONE, NULL, NULL);
>> 			if (err && err != -EOPNOTSUPP)
>> 				pr_warn("Failed to reload devlink instance into init_net\n");
>> 		}
>> -- 
>> 2.17.1
>>

Powered by blists - more mailing lists