| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jun 2021 23:27:32 +0200
From: Toke Høiland-Jørgensen <toke@...hat.com>
To: bpf@...r.kernel.org, netdev@...r.kernel.org
Cc: Martin KaFai Lau <kafai@...com>,
Hangbin Liu <liuhangbin@...il.com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Magnus Karlsson <magnus.karlsson@...il.com>,
"Paul E . McKenney" <paulmck@...nel.org>,
Jakub Kicinski <kuba@...nel.org>,
Toke Høiland-Jørgensen <toke@...hat.com>
Subject: [PATCH bpf-next v3 00/16] Clean up and document RCU-based object protection for XDP_REDIRECT
During the discussion[0] of Hangbin's multicast patch series, Martin pointed out
that the lifetime of the RCU-protected map entries used by XDP_REDIRECT is by
no means obvious. I promised to look into cleaning this up, and Paul helpfully
provided some hints and a new unrcu_pointer() helper to aid in this.
It seems[1] that back in the early days of XDP, local_bh_disable() did not
provide RCU protection, which is why the rcu_read_lock() calls were added
to drivers in the first place. But according to Paul[2], in recent kernels
a local_bh_disable()/local_bh_enable() pair functions as one big RCU
read-side section, so no further protection is needed. This even applies to
-rt kernels, which has an explicit rcu_read_lock() in place as part of the
local_bh_disable()[3].
This patch series is mostly a documentation exercise, cleaning up the
description of the lifetime expectations and adding __rcu annotations so
sparse and lockdep can help verify it.
Patches 1 and 2 are preparatory: Patch 1 adds Paul's unrcu_pointer()
helper (which has already been added to his tree), which we need for some
of the operations in devmap, and patch 2 adds bh context as a valid
condition for map lookups. Patch 3 is the main bit that adds the __rcu
annotations and updates documentation comments, and the rest are patches
updating the drivers, with one patch per distinct maintainer.
Unfortunately I don't have any hardware to test any of the driver patches;
Jesper helpfully verified that it doesn't break anything on i40e, but the rest
of the driver patches are only compile-tested.
[0] https://lore.kernel.org/bpf/20210415173551.7ma4slcbqeyiba2r@kafai-mbp.dhcp.thefacebook.com/
[1] https://lore.kernel.org/bpf/c5192ab3-1c05-8679-79f2-59d98299095b@iogearbox.net/
[2] https://lore.kernel.org/bpf/20210417002301.GO4212@paulmck-ThinkPad-P17-Gen-1/
[3] https://lore.kernel.org/bpf/20210419165837.GA975577@paulmck-ThinkPad-P17-Gen-1/
Changelog:
v3:
- Remove one other unnecessary change to hlist_for_each_entry_rcu()
- Carry forward another ACK
v2:
- Add a comment about RCU protection to the drivers where rcu_read_lock()
is removed
- Drop unnecessary patch 3 which changed dev_get_by_index_rcu()
- Add some more text with the history to cover letter
- Fix a few places where the wrong RCU checks were used in cpumap and
xskmap code
- Carry forward ACKs
Paul E. McKenney (1):
rcu: Create an unrcu_pointer() to remove __rcu from a pointer
Toke Høiland-Jørgensen (15):
bpf: allow RCU-protected lookups to happen from bh context
xdp: add proper __rcu annotations to redirect map entries
ena: remove rcu_read_lock() around XDP program invocation
bnxt: remove rcu_read_lock() around XDP program invocation
thunderx: remove rcu_read_lock() around XDP program invocation
freescale: remove rcu_read_lock() around XDP program invocation
net: intel: remove rcu_read_lock() around XDP program invocation
marvell: remove rcu_read_lock() around XDP program invocation
mlx4: remove rcu_read_lock() around XDP program invocation
nfp: remove rcu_read_lock() around XDP program invocation
qede: remove rcu_read_lock() around XDP program invocation
sfc: remove rcu_read_lock() around XDP program invocation
netsec: remove rcu_read_lock() around XDP program invocation
stmmac: remove rcu_read_lock() around XDP program invocation
net: ti: remove rcu_read_lock() around XDP program invocation
drivers/net/ethernet/amazon/ena/ena_netdev.c | 6 +--
drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c | 5 +-
.../net/ethernet/cavium/thunder/nicvf_main.c | 5 +-
.../net/ethernet/freescale/dpaa/dpaa_eth.c | 11 ++---
.../net/ethernet/freescale/dpaa2/dpaa2-eth.c | 6 +--
drivers/net/ethernet/intel/i40e/i40e_txrx.c | 5 +-
drivers/net/ethernet/intel/i40e/i40e_xsk.c | 11 ++---
drivers/net/ethernet/intel/ice/ice_txrx.c | 6 +--
drivers/net/ethernet/intel/ice/ice_xsk.c | 6 +--
drivers/net/ethernet/intel/igb/igb_main.c | 5 +-
drivers/net/ethernet/intel/igc/igc_main.c | 10 ++--
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 5 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 9 ++--
.../net/ethernet/intel/ixgbevf/ixgbevf_main.c | 5 +-
drivers/net/ethernet/marvell/mvneta.c | 6 ++-
.../net/ethernet/marvell/mvpp2/mvpp2_main.c | 8 +--
drivers/net/ethernet/mellanox/mlx4/en_rx.c | 8 +--
.../ethernet/netronome/nfp/nfp_net_common.c | 6 ++-
drivers/net/ethernet/qlogic/qede/qede_fp.c | 7 +--
drivers/net/ethernet/sfc/rx.c | 12 ++---
drivers/net/ethernet/socionext/netsec.c | 7 +--
.../net/ethernet/stmicro/stmmac/stmmac_main.c | 13 ++---
drivers/net/ethernet/ti/cpsw_priv.c | 13 ++---
include/linux/rcupdate.h | 14 ++++++
include/net/xdp_sock.h | 2 +-
kernel/bpf/cpumap.c | 13 +++--
kernel/bpf/devmap.c | 49 ++++++++-----------
kernel/bpf/hashtab.c | 21 +++++---
kernel/bpf/helpers.c | 6 +--
kernel/bpf/lpm_trie.c | 6 ++-
net/core/filter.c | 28 +++++++++++
net/xdp/xsk.c | 4 +-
net/xdp/xsk.h | 4 +-
net/xdp/xskmap.c | 29 ++++++-----
34 files changed, 194 insertions(+), 157 deletions(-)
--
2.32.0
Powered by blists - more mailing lists