diff mbox series

net: Don't allow to attach xdp if bond slave device's upper already has a program

Message ID 20240814090811.35343-1-zhoufeng.zf@bytedance.com (mailing list archive)
State Superseded
Delegated to: Netdev Maintainers
Headers show
Series net: Don't allow to attach xdp if bond slave device's upper already has a program | expand

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 29 this patch: 29
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers success CCed 9 of 9 maintainers
netdev/build_clang success Errors and warnings before: 29 this patch: 29
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 34 this patch: 34
netdev/checkpatch warning WARNING: line length of 115 exceeds 80 columns
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 79 this patch: 79
netdev/source_inline success Was 0 now: 0
netdev/contest warning net-next-2024-08-15--00-00 (tests: 707)

Commit Message

Feng Zhou Aug. 14, 2024, 9:08 a.m. UTC 
From: Feng Zhou <zhoufeng.zf@bytedance.com>

Cannot attach when an upper device already has a program, This
restriction is only for bond's slave devices, and should not be
accidentally injured for devices like eth0 and vxlan0.

Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
---
 net/core/dev.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

Comments

Toke Høiland-Jørgensen Aug. 14, 2024, 10:03 a.m. UTC | #1 
Feng zhou <zhoufeng.zf@bytedance.com> writes:

> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>
> Cannot attach when an upper device already has a program, This
> restriction is only for bond's slave devices, and should not be
> accidentally injured for devices like eth0 and vxlan0.
>
> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>

Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Paolo Abeni Aug. 15, 2024, 11:18 a.m. UTC | #2 
On 8/14/24 11:08, Feng zhou wrote:
> From: Feng Zhou <zhoufeng.zf@bytedance.com>
> 
> Cannot attach when an upper device already has a program, This
> restriction is only for bond's slave devices, and should not be
> accidentally injured for devices like eth0 and vxlan0.
> 
> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
> ---
>   net/core/dev.c | 10 ++++++----
>   1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 6ea1d20676fb..e1f87662376a 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>   	}
>   
>   	/* don't allow if an upper device already has a program */
> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
> -		if (dev_xdp_prog_count(upper) > 0) {
> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
> -			return -EEXIST;
> +	if (netif_is_bond_slave(dev)) {

I think we want to consider even team port devices.

Thanks,

Paolo
Jiri Pirko Aug. 15, 2024, 12:36 p.m. UTC | #3 
Thu, Aug 15, 2024 at 01:18:33PM CEST, pabeni@redhat.com wrote:
>On 8/14/24 11:08, Feng zhou wrote:
>> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>> 
>> Cannot attach when an upper device already has a program, This
>> restriction is only for bond's slave devices, and should not be
>> accidentally injured for devices like eth0 and vxlan0.
>> 
>> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
>> ---
>>   net/core/dev.c | 10 ++++++----
>>   1 file changed, 6 insertions(+), 4 deletions(-)
>> 
>> diff --git a/net/core/dev.c b/net/core/dev.c
>> index 6ea1d20676fb..e1f87662376a 100644
>> --- a/net/core/dev.c
>> +++ b/net/core/dev.c
>> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>>   	}
>>   	/* don't allow if an upper device already has a program */
>> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
>> -		if (dev_xdp_prog_count(upper) > 0) {
>> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
>> -			return -EEXIST;
>> +	if (netif_is_bond_slave(dev)) {
>
>I think we want to consider even team port devices.

netif_is_lag_port()


>
>Thanks,
>
>Paolo
>
Feng Zhou Aug. 22, 2024, 8:25 a.m. UTC | #4 
在 2024/8/15 20:36, Jiri Pirko 写道:
> Thu, Aug 15, 2024 at 01:18:33PM CEST, pabeni@redhat.com wrote:
>> On 8/14/24 11:08, Feng zhou wrote:
>>> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>>>
>>> Cannot attach when an upper device already has a program, This
>>> restriction is only for bond's slave devices, and should not be
>>> accidentally injured for devices like eth0 and vxlan0.
>>>
>>> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
>>> ---
>>>    net/core/dev.c | 10 ++++++----
>>>    1 file changed, 6 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/net/core/dev.c b/net/core/dev.c
>>> index 6ea1d20676fb..e1f87662376a 100644
>>> --- a/net/core/dev.c
>>> +++ b/net/core/dev.c
>>> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>>>    	}
>>>    	/* don't allow if an upper device already has a program */
>>> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
>>> -		if (dev_xdp_prog_count(upper) > 0) {
>>> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
>>> -			return -EEXIST;
>>> +	if (netif_is_bond_slave(dev)) {
>>
>> I think we want to consider even team port devices.
> 
> netif_is_lag_port()
> 
> 

Will do, thanks.

>>
>> Thanks,
>>
>> Paolo
>>
diff mbox series

Patch

diff --git a/net/core/dev.c b/net/core/dev.c
index 6ea1d20676fb..e1f87662376a 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9501,10 +9501,12 @@  static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
 	}
 
 	/* don't allow if an upper device already has a program */
-	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
-		if (dev_xdp_prog_count(upper) > 0) {
-			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
-			return -EEXIST;
+	if (netif_is_bond_slave(dev)) {
+		netdev_for_each_upper_dev_rcu(dev, upper, iter) {
+			if (dev_xdp_prog_count(upper) > 0) {
+				NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
+				return -EEXIST;
+			}
 		}
 	}