lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <bb71b086-b60e-c130-8484-5a71d0a07f19@blackwall.org> Date: Tue, 17 Oct 2023 15:53:05 +0300 From: Nikolay Aleksandrov <razor@...ckwall.org> To: Ido Schimmel <idosch@...dia.com> Cc: netdev@...r.kernel.org, bridge@...ts.linux-foundation.org, davem@...emloft.net, kuba@...nel.org, edumazet@...gle.com, pabeni@...hat.com, roopa@...dia.com, mlxsw@...dia.com Subject: Re: [PATCH net-next 09/13] bridge: mcast: Add MDB get support On 10/17/23 14:03, Ido Schimmel wrote: > On Tue, Oct 17, 2023 at 12:24:44PM +0300, Nikolay Aleksandrov wrote: >> On 10/16/23 16:12, Ido Schimmel wrote: >>> Implement support for MDB get operation by looking up a matching MDB >>> entry, allocating the skb according to the entry's size and then filling >>> in the response. The operation is performed under the bridge multicast >>> lock to ensure that the entry does not change between the time the reply >>> size is determined and when the reply is filled in. >>> >>> Signed-off-by: Ido Schimmel <idosch@...dia.com> >>> --- >>> net/bridge/br_device.c | 1 + >>> net/bridge/br_mdb.c | 154 ++++++++++++++++++++++++++++++++++++++++ >>> net/bridge/br_private.h | 9 +++ >>> 3 files changed, 164 insertions(+) >>> >> [snip] >>> +int br_mdb_get(struct net_device *dev, struct nlattr *tb[], u32 portid, u32 seq, >>> + struct netlink_ext_ack *extack) >>> +{ >>> + struct net_bridge *br = netdev_priv(dev); >>> + struct net_bridge_mdb_entry *mp; >>> + struct sk_buff *skb; >>> + struct br_ip group; >>> + int err; >>> + >>> + err = br_mdb_get_parse(dev, tb, &group, extack); >>> + if (err) >>> + return err; >>> + >>> + spin_lock_bh(&br->multicast_lock); >> >> Since this is only reading, could we use rcu to avoid blocking mcast >> processing? > > I tried to explain this choice in the commit message. Do you think it's > a non-issue? > Unless you really need a stable snapshot, I think it's worth not blocking igmp processing for a read. It's not critical, if you do need a stable snapshot then it's ok. >> >>> + >>> + mp = br_mdb_ip_get(br, &group); >>> + if (!mp) { >>> + NL_SET_ERR_MSG_MOD(extack, "MDB entry not found"); >>> + err = -ENOENT; >>> + goto unlock; >>> + } >>> + >>> + skb = br_mdb_get_reply_alloc(mp); >>> + if (!skb) { >>> + err = -ENOMEM; >>> + goto unlock; >>> + } >>> + >>> + err = br_mdb_get_reply_fill(skb, mp, portid, seq); >>> + if (err) { >>> + NL_SET_ERR_MSG_MOD(extack, "Failed to fill MDB get reply"); >>> + goto free; >>> + } >>> + >>> + spin_unlock_bh(&br->multicast_lock); >>> + >>> + return rtnl_unicast(skb, dev_net(dev), portid); >>> + >>> +free: >>> + kfree_skb(skb); >>> +unlock: >>> + spin_unlock_bh(&br->multicast_lock); >>> + return err; >>> +} >>
Powered by blists - more mailing lists