| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y9eO4rZ6zAyuNk6j@unreal>
Date: Mon, 30 Jan 2023 11:33:22 +0200
From: Leon Romanovsky <leon@...nel.org>
To: Paul Blakey <paulb@...dia.com>
Cc: netdev@...r.kernel.org, Saeed Mahameed <saeedm@...dia.com>,
Paolo Abeni <pabeni@...hat.com>,
Jakub Kicinski <kuba@...nel.org>,
Eric Dumazet <edumazet@...gle.com>,
Jamal Hadi Salim <jhs@...atatu.com>,
Cong Wang <xiyou.wangcong@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Oz Shlomo <ozsh@...dia.com>, Jiri Pirko <jiri@...dia.com>,
Roi Dayan <roid@...dia.com>, Vlad Buslov <vladbu@...dia.com>
Subject: Re: [PATCH net-next v6 4/6] net/mlx5: Refactor tc miss handling to a
single function
On Sun, Jan 29, 2023 at 12:16:11PM +0200, Paul Blakey wrote:
> Move tc miss handling code to en_tc.c, and remove
> duplicate code.
>
> Signed-off-by: Paul Blakey <paulb@...dia.com>
> Reviewed-by: Roi Dayan <roid@...dia.com>
> ---
> .../ethernet/mellanox/mlx5/core/en/rep/tc.c | 225 ++----------------
> .../net/ethernet/mellanox/mlx5/core/en_rx.c | 4 +-
> .../net/ethernet/mellanox/mlx5/core/en_tc.c | 221 +++++++++++++++--
> .../net/ethernet/mellanox/mlx5/core/en_tc.h | 11 +-
> 4 files changed, 232 insertions(+), 229 deletions(-)
<...>
> void mlx5e_rep_tc_receive(struct mlx5_cqe64 *cqe, struct mlx5e_rq *rq,
> struct sk_buff *skb)
> {
> - u32 reg_c1 = be32_to_cpu(cqe->ft_metadata);
> + u32 reg_c1 = be32_to_cpu(cqe->ft_metadata), reg_c0, zone_restore_id, tunnel_id;
> struct mlx5e_tc_update_priv tc_priv = {};
> - struct mlx5_mapped_obj mapped_obj;
> + struct mlx5_rep_uplink_priv *uplink_priv;
> + struct mlx5e_rep_priv *uplink_rpriv;
> + struct mlx5_tc_ct_priv *ct_priv;
> + struct mapping_ctx *mapping_ctx;
> struct mlx5_eswitch *esw;
> - bool forward_tx = false;
> struct mlx5e_priv *priv;
> - u32 reg_c0;
> - int err;
>
> reg_c0 = (be32_to_cpu(cqe->sop_drop_qpn) & MLX5E_TC_FLOW_ID_MASK);
> if (!reg_c0 || reg_c0 == MLX5_FS_DEFAULT_FLOW_TAG)
> goto forward;
>
> - /* If reg_c0 is not equal to the default flow tag then skb->mark
> + /* If mapped_obj_id is not equal to the default flow tag then skb->mark
> * is not supported and must be reset back to 0.
> */
> skb->mark = 0;
>
> priv = netdev_priv(skb->dev);
> esw = priv->mdev->priv.eswitch;
> - err = mapping_find(esw->offloads.reg_c0_obj_pool, reg_c0, &mapped_obj);
> - if (err) {
> - netdev_dbg(priv->netdev,
> - "Couldn't find mapped object for reg_c0: %d, err: %d\n",
> - reg_c0, err);
> - goto free_skb;
> - }
> + mapping_ctx = esw->offloads.reg_c0_obj_pool;
> + zone_restore_id = reg_c1 & ESW_ZONE_ID_MASK;
> + tunnel_id = (reg_c1 >> ESW_TUN_OFFSET) & TUNNEL_ID_MASK;
>
> - if (mapped_obj.type == MLX5_MAPPED_OBJ_CHAIN) {
> - if (!mlx5e_restore_skb_chain(skb, mapped_obj.chain, reg_c1, &tc_priv) &&
> - !mlx5_ipsec_is_rx_flow(cqe))
> - goto free_skb;
> - } else if (mapped_obj.type == MLX5_MAPPED_OBJ_SAMPLE) {
> - mlx5e_restore_skb_sample(priv, skb, &mapped_obj, &tc_priv);
> - goto free_skb;
> - } else if (mapped_obj.type == MLX5_MAPPED_OBJ_INT_PORT_METADATA) {
> - if (!mlx5e_restore_skb_int_port(priv, skb, &mapped_obj, &tc_priv,
> - &forward_tx, reg_c1))
> - goto free_skb;
> - } else {
> - netdev_dbg(priv->netdev, "Invalid mapped object type: %d\n", mapped_obj.type);
> + uplink_rpriv = mlx5_eswitch_get_uplink_priv(esw, REP_ETH);
> + uplink_priv = &uplink_rpriv->uplink_priv;
> + ct_priv = uplink_priv->ct_priv;
> +
> + if (!mlx5_ipsec_is_rx_flow(cqe) &&
> + !mlx5e_tc_update_skb(cqe, skb, mapping_ctx, reg_c0, ct_priv, zone_restore_id, tunnel_id,
> + &tc_priv))
> goto free_skb;
> - }
>
> forward:
> - if (forward_tx)
> + if (tc_priv.skb_done)
> + goto free_skb;
> +
> + if (tc_priv.forward_tx)
> dev_queue_xmit(skb);
> else
> napi_gro_receive(rq->cq.napi, skb);
>
> - mlx5_rep_tc_post_napi_receive(&tc_priv);
> + if (tc_priv.fwd_dev)
> + dev_put(tc_priv.fwd_dev);
>
> return;
>
> free_skb:
> + WARN_ON(tc_priv.fwd_dev);
Kernel splat which can be triggered from the network by sending traffic
to the target is not good idea.
It is safer to remove this WARN_ON().
Thanks
Powered by blists - more mailing lists