lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <52874821-600b-4ffe-b4b4-9efbed6a3aca@blackwall.org>
Date: Tue, 24 Sep 2024 14:21:43 +0300
From: Nikolay Aleksandrov <razor@...ckwall.org>
To: Paolo Abeni <pabeni@...hat.com>, Jiwon Kim <jiwonaid0@...il.com>,
 jv@...sburgh.net, andy@...yhouse.net, davem@...emloft.net,
 edumazet@...gle.com, kuba@...nel.org, ast@...nel.org, daniel@...earbox.net,
 hawk@...nel.org, john.fastabend@...il.com, joamaki@...il.com
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
 bpf@...r.kernel.org, syzbot+c187823a52ed505b2257@...kaller.appspotmail.com
Subject: Re: [PATCH net v3] bonding: Fix unnecessary warnings and logs from
 bond_xdp_get_xmit_slave()

On 9/24/24 13:20, Paolo Abeni wrote:
> On 9/18/24 16:06, Jiwon Kim wrote:
>> syzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce
>> this[1], one bond device (bond1) has xdpdrv, which increases
>> bpf_master_redirect_enabled_key. Another bond device (bond0) which is
>> unsupported by XDP but its slave (veth3) has xdpgeneric that returns
>> XDP_TX. This triggers WARN_ON_ONCE() from the xdp_master_redirect().
>> To reduce unnecessary warnings and improve log management, we need to
>> delete the WARN_ON_ONCE() and add ratelimit to the netdev_err().
>>
>> [1] Steps to reproduce:
>>      # Needs tx_xdp with return XDP_TX;
>>      ip l add veth0 type veth peer veth1
>>      ip l add veth3 type veth peer veth4
>>      ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP
>>      ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default
>>      ip l set veth0 master bond1
>>      ip l set bond1 up
>>      # Increases bpf_master_redirect_enabled_key
>>      ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx
>>      ip l set veth3 master bond0
>>      ip l set bond0 up
>>      ip l set veth4 up
>>      # Triggers WARN_ON_ONCE() from the xdp_master_redirect()
>>      ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx
>>
>> Reported-by: syzbot+c187823a52ed505b2257@...kaller.appspotmail.com
>> Closes: https://syzkaller.appspot.com/bug?extid=c187823a52ed505b2257
>> Fixes: 9e2ee5c7e7c3 ("net, bonding: Add XDP support to the bonding driver")
>> Signed-off-by: Jiwon Kim <jiwonaid0@...il.com>
> 
> Isn't the above issue completely addressed by explicitly checking for 
> bond->prog in bond_xdp_get_xmit_slave()? Or would that broke some use-case?
> 
> Thanks,
> 
> Paolo
> 

There isn't much difference with this patch, bond_xdp_get_xmit_slave()
always returns either a slave or NULL, either way you'd return NULL.

It does have a potential to break some weird setup, but I can't
currently come up with one where bond_xdp_get_xmit_slave is used and
xdp_prog is not set, so I don't have a preference about which way
to fix it. :)

Cheers,
 Nik


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ