| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c3678626-7f5c-4446-9b4d-2650ddf5d5a6@blackwall.org>
Date: Mon, 14 Oct 2024 09:59:54 +0300
From: Nikolay Aleksandrov <razor@...ckwall.org>
To: Eric Woudstra <ericwouds@...il.com>, "David S. Miller"
<davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Pablo Neira Ayuso <pablo@...filter.org>,
Jozsef Kadlecsik <kadlec@...filter.org>, Roopa Prabhu <roopa@...dia.com>,
Matthias Brugger <matthias.bgg@...il.com>,
AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
Jiri Pirko <jiri@...nulli.us>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
Lorenzo Bianconi <lorenzo@...nel.org>,
Frank Wunderlich <frank-w@...lic-files.de>,
Daniel Golle <daniel@...rotopia.org>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
netfilter-devel@...r.kernel.org, coreteam@...filter.org,
bridge@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org,
linux-mediatek@...ts.infradead.org
Subject: Re: [PATCH RFC v1 net-next 06/12] net: core: dev: Add
dev_fill_bridge_path()
On 13/10/2024 21:55, Eric Woudstra wrote:
> New function dev_fill_bridge_path(), similar to dev_fill_forward_path().
> It handles starting from a bridge port instead of the bridge master.
> The structures ctx and nft_forward_info need to be already filled in with
> the (vlan) encaps.
>
> Signed-off-by: Eric Woudstra <ericwouds@...il.com>
> ---
> include/linux/netdevice.h | 2 +
> net/core/dev.c | 77 ++++++++++++++++++++++++++++++++-------
> 2 files changed, 66 insertions(+), 13 deletions(-)
>
> diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> index e87b5e488325..9d80f650345e 100644
> --- a/include/linux/netdevice.h
> +++ b/include/linux/netdevice.h
> @@ -3069,6 +3069,8 @@ void dev_remove_offload(struct packet_offload *po);
>
> int dev_get_iflink(const struct net_device *dev);
> int dev_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb);
> +int dev_fill_bridge_path(struct net_device_path_ctx *ctx,
> + struct net_device_path_stack *stack);
> int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr,
> struct net_device_path_stack *stack);
> struct net_device *__dev_get_by_flags(struct net *net, unsigned short flags,
> diff --git a/net/core/dev.c b/net/core/dev.c
> index cd479f5f22f6..49959c4904fc 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -713,44 +713,95 @@ static struct net_device_path *dev_fwd_path(struct net_device_path_stack *stack)
> return &stack->path[k];
> }
>
> -int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr,
> - struct net_device_path_stack *stack)
> +static int dev_fill_forward_path_common(struct net_device_path_ctx *ctx,
> + struct net_device_path_stack *stack)
> {
> const struct net_device *last_dev;
> - struct net_device_path_ctx ctx = {
> - .dev = dev,
> - };
> struct net_device_path *path;
> int ret = 0;
>
> - memcpy(ctx.daddr, daddr, sizeof(ctx.daddr));
> - stack->num_paths = 0;
> - while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) {
> - last_dev = ctx.dev;
> + while (ctx->dev && ctx->dev->netdev_ops->ndo_fill_forward_path) {
> + last_dev = ctx->dev;
> path = dev_fwd_path(stack);
> if (!path)
> return -1;
>
> memset(path, 0, sizeof(struct net_device_path));
> - ret = ctx.dev->netdev_ops->ndo_fill_forward_path(&ctx, path);
> + ret = ctx->dev->netdev_ops->ndo_fill_forward_path(ctx, path);
> if (ret < 0)
> return -1;
>
> - if (WARN_ON_ONCE(last_dev == ctx.dev))
> + if (WARN_ON_ONCE(last_dev == ctx->dev))
> return -1;
> }
>
> - if (!ctx.dev)
> + if (!ctx->dev)
> return ret;
>
> path = dev_fwd_path(stack);
> if (!path)
> return -1;
> path->type = DEV_PATH_ETHERNET;
> - path->dev = ctx.dev;
> + path->dev = ctx->dev;
> +
> + return ret;
> +}
> +
> +int dev_fill_bridge_path(struct net_device_path_ctx *ctx,
> + struct net_device_path_stack *stack)
> +{
> + const struct net_device *last_dev, *br_dev;
> + struct net_device_path *path;
> + int ret = 0;
> +
> + stack->num_paths = 0;
> +
> + if (!ctx->dev || !netif_is_bridge_port(ctx->dev))
> + return -1;
> +
> + br_dev = netdev_master_upper_dev_get_rcu((struct net_device *)ctx->dev);
> + if (!br_dev || !br_dev->netdev_ops->ndo_fill_forward_path)
> + return -1;
> +
> + last_dev = ctx->dev;
> + path = dev_fwd_path(stack);
> + if (!path)
> + return -1;
> +
> + memset(path, 0, sizeof(struct net_device_path));
> + ret = br_dev->netdev_ops->ndo_fill_forward_path(ctx, path);
> + if (ret < 0)
> + return -1;
> +
> + if (!ctx->dev || WARN_ON_ONCE(last_dev == ctx->dev))
> + return -1;
> +
> + if (!netif_is_bridge_master(ctx->dev))
hmm, do we expect ctx->dev to be a bridge master? Looking at
br_fill_forward_path, it seems to be == fdb->dst->dev which
should be the target port
> + return dev_fill_forward_path_common(ctx, stack);
> +
> + path = dev_fwd_path(stack);
> + if (!path)
> + return -1;
> + path->type = DEV_PATH_ETHERNET;
> + path->dev = ctx->dev;
>
> return ret;
> }
> +EXPORT_SYMBOL_GPL(dev_fill_bridge_path);
> +
> +int dev_fill_forward_path(const struct net_device *dev, const u8 *daddr,
> + struct net_device_path_stack *stack)
> +{
> + struct net_device_path_ctx ctx = {
> + .dev = dev,
> + };
> +
> + memcpy(ctx.daddr, daddr, sizeof(ctx.daddr));
> +
> + stack->num_paths = 0;
> +
> + return dev_fill_forward_path_common(&ctx, stack);
> +}
> EXPORT_SYMBOL_GPL(dev_fill_forward_path);
>
> /**
Powered by blists - more mailing lists