| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b591649f-ada5-42c1-984c-7e358c0337fa@blackwall.org>
Date: Mon, 19 Aug 2024 11:48:32 +0300
From: Nikolay Aleksandrov <razor@...ckwall.org>
To: Hangbin Liu <liuhangbin@...il.com>
Cc: netdev@...r.kernel.org, Jay Vosburgh <j.vosburgh@...il.com>,
"David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>,
Tariq Toukan <tariqt@...dia.com>, Jianbo Liu <jianbol@...dia.com>,
Sabrina Dubroca <sd@...asysnail.net>
Subject: Re: [PATCHv2 net-next 1/3] bonding: add common function to check
ipsec device
On 19/08/2024 11:43, Hangbin Liu wrote:
> On Mon, Aug 19, 2024 at 11:02:14AM +0300, Nikolay Aleksandrov wrote:
>>> +static struct net_device bond_ipsec_dev(struct xfrm_state *xs)
>>> +{
>>> + struct net_device *bond_dev = xs->xso.dev;
>>> + struct net_device *real_dev;
>>> + struct bonding *bond;
>>> + struct slave *slave;
>>> +
>>> + if (!bond_dev)
>>> + return NULL;
>>> +
>>> + bond = netdev_priv(bond_dev);
>>> + slave = rcu_dereference(bond->curr_active_slave);
>>> + real_dev = slave ? slave->dev : NULL;
>>> +
>>> + if ((BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP) ||
>>> + !slave || !real_dev || !xs->xso.real_dev)
>>> + return NULL;
>>
>> No need to check !slave again here. !real_dev implies !slave and
>> vice-versa, if it is set then we must have had a slave.
>
> Ah yes, I missed this.
>
This is exactly my point about it being easier to follow if it's not all
combined in this way.
>> I prefer the more obvious way - check slave after deref and
>> bail out, similar to my fix, I think it is easier to follow the
>> code and more obvious. Although I don't feel strong about that
>> it's just a preference. :)
>
> I don't have a inclination, I just want to check all the error and fail out.
> If we check each one separately, do you think if I should do like
>
> if (!bond_dev)
> return NULL;
>
> bond = netdev_priv(bond_dev);
> if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP)
> return NULL;
>
> slave = rcu_dereference(bond->curr_active_slave);
> if (!slave)
> return NULL;
>
I like this, even though it's more verbose, it's also easier to follow.
The alternative I have to track all code above and then verify the
combined check below. Depending on how complex it is, might be ok.
As I said it's a preference, if you prefer the other way - I don't mind.
>>> + WARN_ON(xs->xso.real_dev != slave->dev);
>
> Here as you said, the WARN_ON would be triggered easily, do you think if I
> should change to pr_warn or salve_warn?
>
I haven't verified it, but yeah. Given how these are synced, it should be something
that's limited (we're talking about packets here, we shouldn't flood the logs) and
not a WARN_ON(). We can see any mid-state while changing.
> Thanks
> Hangbin
Cheers,
Nik
Powered by blists - more mailing lists