[bpf-next,0/2] double-fix bpf_test_run + XDP_PASS recycling

Message ID	20230316175051.922550-1-aleksander.lobakin@intel.com (mailing list archive)
Headers	show Return-Path: <bpf-owner@vger.kernel.org> From: Alexander Lobakin <aleksander.lobakin@intel.com> To: Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Andrii Nakryiko <andrii@kernel.org>, Martin KaFai Lau <martin.lau@linux.dev> Cc: Alexander Lobakin <aleksander.lobakin@intel.com>, Maciej Fijalkowski <maciej.fijalkowski@intel.com>, Larysa Zaremba <larysa.zaremba@intel.com>, =?utf-8?q?Toke_H=C3=B8iland-J?= =?utf-8?q?=C3=B8rgensen?= <toke@redhat.com>, Ilya Leoshkevich <iii@linux.ibm.com>, Song Liu <song@kernel.org>, Jesper Dangaard Brouer <hawk@kernel.org>, Jakub Kicinski <kuba@kernel.org>, bpf@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH bpf-next 0/2] double-fix bpf_test_run + XDP_PASS recycling Date: Thu, 16 Mar 2023 18:50:49 +0100 Message-Id: <20230316175051.922550-1-aleksander.lobakin@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	double-fix bpf_test_run + XDP_PASS recycling \| expand [bpf-next,0/2] double-fix bpf_test_run + XDP_PASS recycling [bpf-next,1/2] bpf, test_run: fix crashes due to XDP frame overwriting/corruption [bpf-next,2/2] selftests/bpf: fix "metadata marker" getting overwritten by the netstack

Message ID

20230316175051.922550-1-aleksander.lobakin@intel.com (mailing list archive)

Headers

From: Alexander Lobakin <aleksander.lobakin@intel.com>
To: Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <martin.lau@linux.dev>
Cc: Alexander Lobakin <aleksander.lobakin@intel.com>,
 Maciej Fijalkowski <maciej.fijalkowski@intel.com>,
 Larysa Zaremba <larysa.zaremba@intel.com>, =?utf-8?q?Toke_H=C3=B8iland-J?=
	=?utf-8?q?=C3=B8rgensen?= <toke@redhat.com>,
 Ilya Leoshkevich <iii@linux.ibm.com>, Song Liu <song@kernel.org>,
 Jesper Dangaard Brouer <hawk@kernel.org>, Jakub Kicinski <kuba@kernel.org>,
 bpf@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next 0/2] double-fix bpf_test_run + XDP_PASS recycling
Date: Thu, 16 Mar 2023 18:50:49 +0100
Message-Id: <20230316175051.922550-1-aleksander.lobakin@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

double-fix bpf_test_run + XDP_PASS recycling | expand

Message

Alexander Lobakin March 16, 2023, 5:50 p.m. UTC

Enabling skb PP recycling revealed a couple issues in the bpf_test_run
code. Recycling broke the assumption that the headroom won't ever be
touched during the test_run execution: xdp_scrub_frame() invalidates the
XDP frame at the headroom start, while neigh xmit code overwrites 2 bytes
to the left of the Ethernet header. The first makes the kernel panic in
certain cases, while the second breaks xdp_do_redirect selftest on BE.
test_run is a limited-scope entity, so let's hope no more corner cases
will happen here or at least they will be as easy and pleasant to fix
as those two.

Alexander Lobakin (2):
  bpf, test_run: fix crashes due to XDP frame overwriting/corruption
  selftests/bpf: fix "metadata marker" getting overwritten by the
    netstack

 net/bpf/test_run.c                                   | 12 +++++++++++-
 .../selftests/bpf/prog_tests/xdp_do_redirect.c       |  7 ++++---
 .../selftests/bpf/progs/test_xdp_do_redirect.c       |  2 +-
 3 files changed, 16 insertions(+), 5 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org March 17, 2023, 5:30 a.m. UTC | #1

Hello:

This series was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <ast@kernel.org>:

On Thu, 16 Mar 2023 18:50:49 +0100 you wrote:
> Enabling skb PP recycling revealed a couple issues in the bpf_test_run
> code. Recycling broke the assumption that the headroom won't ever be
> touched during the test_run execution: xdp_scrub_frame() invalidates the
> XDP frame at the headroom start, while neigh xmit code overwrites 2 bytes
> to the left of the Ethernet header. The first makes the kernel panic in
> certain cases, while the second breaks xdp_do_redirect selftest on BE.
> test_run is a limited-scope entity, so let's hope no more corner cases
> will happen here or at least they will be as easy and pleasant to fix
> as those two.
> 
> [...]

Here is the summary with links:
  - [bpf-next,1/2] bpf, test_run: fix crashes due to XDP frame overwriting/corruption
    https://git.kernel.org/bpf/bpf-next/c/e5995bc7e2ba
  - [bpf-next,2/2] selftests/bpf: fix "metadata marker" getting overwritten by the netstack
    https://git.kernel.org/bpf/bpf-next/c/5640b6d89434

You are awesome, thank you!