diff mbox series

[net-next,1/1] netfilter: flowtable: Make sure dst_cache is valid before using it

Message ID 20210411081334.1994938-1-roid@nvidia.com (mailing list archive)
State Awaiting Upstream
Delegated to: Netdev Maintainers
Headers show
Series [net-next,1/1] netfilter: flowtable: Make sure dst_cache is valid before using it | expand

Checks

Context Check Description
netdev/cover_letter success Link
netdev/fixes_present success Link
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for net-next
netdev/subject_prefix success Link
netdev/cc_maintainers warning 6 maintainers not CCed: kadlec@netfilter.org coreteam@netfilter.org fw@strlen.de davem@davemloft.net netfilter-devel@vger.kernel.org kuba@kernel.org
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Link
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success Link
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/header_inline success Link

Commit Message

Roi Dayan April 11, 2021, 8:13 a.m. UTC 
It could be dst_cache was not set so check it's not null before using
it.

Fixes: 8b9229d15877 ("netfilter: flowtable: dst_check() from garbage collector path")
Signed-off-by: Roi Dayan <roid@nvidia.com>
---
 net/netfilter/nf_flow_table_core.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Pablo Neira Ayuso April 11, 2021, 10:58 a.m. UTC | #1 
Hi Roi,

On Sun, Apr 11, 2021 at 11:13:34AM +0300, Roi Dayan wrote:
> It could be dst_cache was not set so check it's not null before using
> it.

Could you give a try to this fix?

net/sched/act_ct.c leaves the xmit_type as FLOW_OFFLOAD_XMIT_UNSPEC
since it does not cache a route.

Thanks.

> Fixes: 8b9229d15877 ("netfilter: flowtable: dst_check() from garbage collector path")
> Signed-off-by: Roi Dayan <roid@nvidia.com>
> ---
>  net/netfilter/nf_flow_table_core.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
> index 76573bae6664..e426077aaed1 100644
> --- a/net/netfilter/nf_flow_table_core.c
> +++ b/net/netfilter/nf_flow_table_core.c
> @@ -410,6 +410,8 @@ static bool flow_offload_stale_dst(struct flow_offload_tuple *tuple)
>  	if (tuple->xmit_type == FLOW_OFFLOAD_XMIT_NEIGH ||
>  	    tuple->xmit_type == FLOW_OFFLOAD_XMIT_XFRM) {
>  		dst = tuple->dst_cache;
> +		if (!dst)
> +			return false;
>  		if (!dst_check(dst, tuple->dst_cookie))
>  			return true;
>  	}
> -- 
> 2.26.2
>
Roi Dayan April 12, 2021, 8:26 a.m. UTC | #2 
On 2021-04-11 1:58 PM, Pablo Neira Ayuso wrote:
> Hi Roi,
> 
> On Sun, Apr 11, 2021 at 11:13:34AM +0300, Roi Dayan wrote:
>> It could be dst_cache was not set so check it's not null before using
>> it.
> 
> Could you give a try to this fix?
> 
> net/sched/act_ct.c leaves the xmit_type as FLOW_OFFLOAD_XMIT_UNSPEC
> since it does not cache a route.
> 
> Thanks.
> 

what do you mean? FLOW_OFFLOAD_XMIT_UNSPEC doesn't exists so default 0
is set.

do you suggest adding that enum option as 0?

this is the current xmit_type enum

enum flow_offload_xmit_type {
        FLOW_OFFLOAD_XMIT_NEIGH         = 0,
        FLOW_OFFLOAD_XMIT_XFRM,
        FLOW_OFFLOAD_XMIT_DIRECT,
};



>> Fixes: 8b9229d15877 ("netfilter: flowtable: dst_check() from garbage collector path")
>> Signed-off-by: Roi Dayan <roid@nvidia.com>
>> ---
>>   net/netfilter/nf_flow_table_core.c | 2 ++
>>   1 file changed, 2 insertions(+)
>>
>> diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
>> index 76573bae6664..e426077aaed1 100644
>> --- a/net/netfilter/nf_flow_table_core.c
>> +++ b/net/netfilter/nf_flow_table_core.c
>> @@ -410,6 +410,8 @@ static bool flow_offload_stale_dst(struct flow_offload_tuple *tuple)
>>   	if (tuple->xmit_type == FLOW_OFFLOAD_XMIT_NEIGH ||
>>   	    tuple->xmit_type == FLOW_OFFLOAD_XMIT_XFRM) {
>>   		dst = tuple->dst_cache;
>> +		if (!dst)
>> +			return false;
>>   		if (!dst_check(dst, tuple->dst_cookie))
>>   			return true;
>>   	}
>> -- 
>> 2.26.2
>>
Pablo Neira Ayuso April 12, 2021, 11:42 a.m. UTC | #3 
On Mon, Apr 12, 2021 at 11:26:35AM +0300, Roi Dayan wrote:
> 
> 
> On 2021-04-11 1:58 PM, Pablo Neira Ayuso wrote:
> > Hi Roi,
> > 
> > On Sun, Apr 11, 2021 at 11:13:34AM +0300, Roi Dayan wrote:
> > > It could be dst_cache was not set so check it's not null before using
> > > it.
> > 
> > Could you give a try to this fix?
> > 
> > net/sched/act_ct.c leaves the xmit_type as FLOW_OFFLOAD_XMIT_UNSPEC
> > since it does not cache a route.
> > 
> > Thanks.
> > 
> 
> what do you mean? FLOW_OFFLOAD_XMIT_UNSPEC doesn't exists so default 0
> is set.
> 
> do you suggest adding that enum option as 0?

Yes. This could be FLOW_OFFLOAD_XMIT_TC instead if you prefer.

enum flow_offload_xmit_type {
        FLOW_OFFLOAD_XMIT_TC        = 0,
        FLOW_OFFLOAD_XMIT_NEIGH,
        FLOW_OFFLOAD_XMIT_XFRM,
        FLOW_OFFLOAD_XMIT_DIRECT,
};

so there is no need to check for no route in the
FLOW_OFFLOAD_XMIT_NEIGH case (it's assumed this type always has a
route).
Roi Dayan April 13, 2021, 7:58 a.m. UTC | #4 
On 2021-04-12 2:42 PM, Pablo Neira Ayuso wrote:
> On Mon, Apr 12, 2021 at 11:26:35AM +0300, Roi Dayan wrote:
>>
>>
>> On 2021-04-11 1:58 PM, Pablo Neira Ayuso wrote:
>>> Hi Roi,
>>>
>>> On Sun, Apr 11, 2021 at 11:13:34AM +0300, Roi Dayan wrote:
>>>> It could be dst_cache was not set so check it's not null before using
>>>> it.
>>>
>>> Could you give a try to this fix?
>>>
>>> net/sched/act_ct.c leaves the xmit_type as FLOW_OFFLOAD_XMIT_UNSPEC
>>> since it does not cache a route.
>>>
>>> Thanks.
>>>
>>
>> what do you mean? FLOW_OFFLOAD_XMIT_UNSPEC doesn't exists so default 0
>> is set.
>>
>> do you suggest adding that enum option as 0?
> 
> Yes. This could be FLOW_OFFLOAD_XMIT_TC instead if you prefer.
> 
> enum flow_offload_xmit_type {
>          FLOW_OFFLOAD_XMIT_TC        = 0,
>          FLOW_OFFLOAD_XMIT_NEIGH,
>          FLOW_OFFLOAD_XMIT_XFRM,
>          FLOW_OFFLOAD_XMIT_DIRECT,
> };
> 
> so there is no need to check for no route in the
> FLOW_OFFLOAD_XMIT_NEIGH case (it's assumed this type always has a
> route).
> 

thanks Pablo. were not sure I wanted to touch the enum.
I prefer unspec actually as you suggested initially.
it works fine by adding the enum.

i'll submit v2 with this suggestion.
diff mbox series

Patch

diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
index 76573bae6664..e426077aaed1 100644
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
@@ -410,6 +410,8 @@  static bool flow_offload_stale_dst(struct flow_offload_tuple *tuple)
 	if (tuple->xmit_type == FLOW_OFFLOAD_XMIT_NEIGH ||
 	    tuple->xmit_type == FLOW_OFFLOAD_XMIT_XFRM) {
 		dst = tuple->dst_cache;
+		if (!dst)
+			return false;
 		if (!dst_check(dst, tuple->dst_cookie))
 			return true;
 	}