Message-ID: <20241106134902.GP4507@kernel.org>
Date: Wed, 6 Nov 2024 13:49:02 +0000
From: Simon Horman <horms@...nel.org>
To: mrpre <mrpre@....com>
Cc: yonghong.song@...ux.dev, john.fastabend@...il.com,
	martin.lau@...nel.org, edumazet@...gle.com, jakub@...udflare.com,
	davem@...emloft.net, dsahern@...nel.org, kuba@...nel.org,
	pabeni@...hat.com, netdev@...r.kernel.org, bpf@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] bpf: Introduce cpu affinity for sockmap

On Fri, Nov 01, 2024 at 10:38:31AM +0800, mrpre wrote:

...

> diff --git a/net/core/sock_map.c b/net/core/sock_map.c
> index 07d6aa4e39ef..36e9787c60de 100644
> --- a/net/core/sock_map.c
> +++ b/net/core/sock_map.c
> @@ -465,7 +465,7 @@ static int sock_map_get_next_key(struct bpf_map *map, void *key, void *next)
>  }
>  
>  static int sock_map_update_common(struct bpf_map *map, u32 idx,
> -				  struct sock *sk, u64 flags)
> +				  struct sock *sk, u64 flags, s32 target_cpu)
>  {
>  	struct bpf_stab *stab = container_of(map, struct bpf_stab, map);
>  	struct sk_psock_link *link;
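
Review bot: the new `s32 target_cpu` argument in the `sock_map_update_common()` signature is signed, but nothing in this hunk says which values are valid or what a negative value stands for. Add a comment above the function stating the accepted range and, if a negative value is meant as a "no CPU selected" marker, a named constant for it, so that every caller passes the same thing.
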
> @@ -490,6 +490,8 @@ static int sock_map_update_common(struct bpf_map *map, u32 idx,
>  	psock = sk_psock(sk);
>  	WARN_ON_ONCE(!psock);
>  
> +	psock->target_cpu = target_cpu;
> +
>  	spin_lock_bh(&stab->lock);
>  	osk = stab->sks[idx];
>  	if (osk && flags == BPF_NOEXIST) {
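
Review bot: `psock->target_cpu = target_cpu;` sits before `spin_lock_bh(&stab->lock)` and before the `osk && flags == BPF_NOEXIST` check, so the field is overwritten even when the update is then refused, and it dereferences psock directly after a `WARN_ON_ONCE(!psock)` that only warns and carries on. Consider moving the assignment to after the flag checks have passed, and either bail out with an error when psock is NULL or drop the warning if that case cannot occur.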

Hi Jiayuan Chen,

The code immediately following the hunk above is:

		ret = -EEXIST;
		goto out_unlock;
	} else if (!osk && flags == BPF_EXIST) {
		ret = -ENOENT;
		goto out_unlock;
	}

And it seems that these gotos are the only code paths that lead to
out_unlock, which looks like this:

out_unlock:
	spin_unlock_bh(&stab->lock);
	if (psock)
		sk_psock_put(sk, psock);
out_free:
	sk_psock_free_link(link);
	return ret;
}

As you can see, the code under out_unlock expects that psock may be NULL.
But the code added to this function by your patch dereferences it
unconditionally. This seems inconsistent.

Flagged by Smatch.

...
