From patchwork Tue Jul 12 10:57:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914729 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D46CAC433EF for ; Tue, 12 Jul 2022 10:57:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232711AbiGLK5b (ORCPT ); Tue, 12 Jul 2022 06:57:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42958 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232750AbiGLK52 (ORCPT ); Tue, 12 Jul 2022 06:57:28 -0400 Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C1173AE575 for ; Tue, 12 Jul 2022 03:57:27 -0700 (PDT) Received: by mail-pj1-x1035.google.com with SMTP id o31-20020a17090a0a2200b001ef7bd037bbso7605020pjo.0 for ; Tue, 12 Jul 2022 03:57:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VGNmWVn47GwbmNQqUc2vBMkpr/Mz4IMDRgmNTmAszqM=; b=RLWKa76jBvU79HE3qUEEDneWoQstckX62Wsa1DrLvG8MudJgaIJZ1iiphekShA8Cl5 kP69CLdNUjOXvQ1TXsxXAHywxZ3RPFvg2ybZ6yfEgXnL3GxpZevuySJlSn16Lnaqu2aE ZZSLct1n9GU4O11jUIYEbMRu6V7Fxnt2L+p1SMfDd9/n2BxXTqOyFCihyamUTb7LL67Y vnPK8GS0Hlk6HzGN6Y1rj1Av+pTFV53shCM+ptbphX8/gGjnyfp1YmeQdLHQGaY+vxaJ pduQYRdBjbUt8naGGdCeN1Eiz0S1LdK8kUYSUXZGO6RJpfMva/zCSabw70GvvCF3ZHDJ mZKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VGNmWVn47GwbmNQqUc2vBMkpr/Mz4IMDRgmNTmAszqM=; b=Gnuvjw/+moK4dIHOAQpY65JLQSe7vINw/ZTeVbMqzBUC66/L3NptXSDLaM0Gt2cPtS HMS/BNR3zMW4/az05DyOR4+wJTC36Olh52pcZzLYVbJ+Q3y2kE4aoq4xcglt7bDDG8Ac mmrqTaGoDTaMT6puF/5ItXacvLlPEKlt4VNdDNIiUcHc/Y6ZWwZpdoVxPATDnBdOmFB5 Umu+hUVOp+L0N2oxq2mZ0G3taUPosoXMkkMFz0eDBkS8E8rwNx7NjGSvQvFzvihnv+4L jzQbeoZPii3VhCWAA7uW61hPYS+/zL7WIdwyJIhE7pgIyOs2G2xcdfFDUI5YyFWcXzLH 2PlA== X-Gm-Message-State: AJIora/GHChLvFs1B8tfWp55N+9/VnVPhjoOj6LF5pcuDCWRE3P7sFGv SxWr4O//mlUsLywxf3AcroE= X-Google-Smtp-Source: AGRyM1tf91OMusciA0DgGDm3Pai8CXeUvwKR/C9hHmEZfp0VOA0RiSZ9N0LnLB82+CK/aOE/WVjvlQ== X-Received: by 2002:a17:902:c945:b0:16c:49c9:7932 with SMTP id i5-20020a170902c94500b0016c49c97932mr10155314pla.80.1657623447022; Tue, 12 Jul 2022 03:57:27 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:26 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 1/8] amt: use workqueue for gateway side message handling Date: Tue, 12 Jul 2022 10:57:07 +0000 Message-Id: <20220712105714.12282-2-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org There are some synchronization issues(amt->status, amt->req_cnt, etc) if the interface is in gateway mode because gateway message handlers are processed concurrently. This applies a work queue for processing these messages instead of expanding the locking context. So, the purposes of this patch are to fix exist race conditions and to make gateway to be able to validate a gateway status more correctly. When the AMT gateway interface is created, it tries to establish to relay. The establishment step looks stateless, but it should be managed well. In order to handle messages in the gateway, it saves the current status(i.e. AMT_STATUS_XXX). This patch makes gateway code to be worked with a single thread. Now, all messages except the multicast are triggered(received or delay expired), and these messages will be stored in the event queue(amt->events). Then, the single worker processes stored messages asynchronously one by one. The multicast data message type will be still processed immediately. Now, amt->lock is only needed to access the event queue(amt->events) if an interface is the gateway mode. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 158 +++++++++++++++++++++++++++++++++++++++++----- include/net/amt.h | 20 ++++++ 2 files changed, 163 insertions(+), 15 deletions(-) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index be2719a3ba70..032c2934e466 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -900,6 +900,28 @@ static void amt_send_mld_gq(struct amt_dev *amt, struct amt_tunnel_list *tunnel) } #endif +static bool amt_queue_events(struct amt_dev *amt, enum amt_event event, + struct sk_buff *skb) +{ + int index; + + spin_lock_bh(&amt->lock); + if (amt->nr_events >= AMT_MAX_EVENTS) { + spin_unlock_bh(&amt->lock); + return 1; + } + + index = (amt->event_idx + amt->nr_events) % AMT_MAX_EVENTS; + amt->events[index].event = event; + amt->events[index].skb = skb; + amt->nr_events++; + amt->event_idx %= AMT_MAX_EVENTS; + queue_work(amt_wq, &amt->event_wq); + spin_unlock_bh(&amt->lock); + + return 0; +} + static void amt_secret_work(struct work_struct *work) { struct amt_dev *amt = container_of(to_delayed_work(work), @@ -913,12 +935,8 @@ static void amt_secret_work(struct work_struct *work) msecs_to_jiffies(AMT_SECRET_TIMEOUT)); } -static void amt_discovery_work(struct work_struct *work) +static void amt_event_send_discovery(struct amt_dev *amt) { - struct amt_dev *amt = container_of(to_delayed_work(work), - struct amt_dev, - discovery_wq); - spin_lock_bh(&amt->lock); if (amt->status > AMT_STATUS_SENT_DISCOVERY) goto out; @@ -933,11 +951,19 @@ static void amt_discovery_work(struct work_struct *work) spin_unlock_bh(&amt->lock); } -static void amt_req_work(struct work_struct *work) +static void amt_discovery_work(struct work_struct *work) { struct amt_dev *amt = container_of(to_delayed_work(work), struct amt_dev, - req_wq); + discovery_wq); + + if (amt_queue_events(amt, AMT_EVENT_SEND_DISCOVERY, NULL)) + mod_delayed_work(amt_wq, &amt->discovery_wq, + msecs_to_jiffies(AMT_DISCOVERY_TIMEOUT)); +} + +static void amt_event_send_request(struct amt_dev *amt) +{ u32 exp; spin_lock_bh(&amt->lock); @@ -967,6 +993,17 @@ static void amt_req_work(struct work_struct *work) spin_unlock_bh(&amt->lock); } +static void amt_req_work(struct work_struct *work) +{ + struct amt_dev *amt = container_of(to_delayed_work(work), + struct amt_dev, + req_wq); + + if (amt_queue_events(amt, AMT_EVENT_SEND_REQUEST, NULL)) + mod_delayed_work(amt_wq, &amt->req_wq, + msecs_to_jiffies(100)); +} + static bool amt_send_membership_update(struct amt_dev *amt, struct sk_buff *skb, bool v6) @@ -2392,12 +2429,14 @@ static bool amt_membership_query_handler(struct amt_dev *amt, skb->pkt_type = PACKET_MULTICAST; skb->ip_summed = CHECKSUM_NONE; len = skb->len; + rcu_read_lock_bh(); if (__netif_rx(skb) == NET_RX_SUCCESS) { amt_update_gw_status(amt, AMT_STATUS_RECEIVED_QUERY, true); dev_sw_netstats_rx_add(amt->dev, len); } else { amt->dev->stats.rx_dropped++; } + rcu_read_unlock_bh(); return false; } @@ -2688,6 +2727,38 @@ static bool amt_request_handler(struct amt_dev *amt, struct sk_buff *skb) return false; } +static void amt_gw_rcv(struct amt_dev *amt, struct sk_buff *skb) +{ + int type = amt_parse_type(skb); + int err = 1; + + if (type == -1) + goto drop; + + if (amt->mode == AMT_MODE_GATEWAY) { + switch (type) { + case AMT_MSG_ADVERTISEMENT: + err = amt_advertisement_handler(amt, skb); + break; + case AMT_MSG_MEMBERSHIP_QUERY: + err = amt_membership_query_handler(amt, skb); + if (!err) + return; + break; + default: + netdev_dbg(amt->dev, "Invalid type of Gateway\n"); + break; + } + } +drop: + if (err) { + amt->dev->stats.rx_dropped++; + kfree_skb(skb); + } else { + consume_skb(skb); + } +} + static int amt_rcv(struct sock *sk, struct sk_buff *skb) { struct amt_dev *amt; @@ -2719,8 +2790,12 @@ static int amt_rcv(struct sock *sk, struct sk_buff *skb) err = true; goto drop; } - err = amt_advertisement_handler(amt, skb); - break; + if (amt_queue_events(amt, AMT_EVENT_RECEIVE, skb)) { + netdev_dbg(amt->dev, "AMT Event queue full\n"); + err = true; + goto drop; + } + goto out; case AMT_MSG_MULTICAST_DATA: if (iph->saddr != amt->remote_ip) { netdev_dbg(amt->dev, "Invalid Relay IP\n"); @@ -2738,11 +2813,12 @@ static int amt_rcv(struct sock *sk, struct sk_buff *skb) err = true; goto drop; } - err = amt_membership_query_handler(amt, skb); - if (err) + if (amt_queue_events(amt, AMT_EVENT_RECEIVE, skb)) { + netdev_dbg(amt->dev, "AMT Event queue full\n"); + err = true; goto drop; - else - goto out; + } + goto out; default: err = true; netdev_dbg(amt->dev, "Invalid type of Gateway\n"); @@ -2780,6 +2856,45 @@ static int amt_rcv(struct sock *sk, struct sk_buff *skb) return 0; } +static void amt_event_work(struct work_struct *work) +{ + struct amt_dev *amt = container_of(work, struct amt_dev, event_wq); + struct sk_buff *skb; + u8 event; + + while (1) { + spin_lock(&amt->lock); + if (amt->nr_events == 0) { + spin_unlock(&amt->lock); + return; + } + event = amt->events[amt->event_idx].event; + skb = amt->events[amt->event_idx].skb; + amt->events[amt->event_idx].event = AMT_EVENT_NONE; + amt->events[amt->event_idx].skb = NULL; + amt->nr_events--; + amt->event_idx++; + amt->event_idx %= AMT_MAX_EVENTS; + spin_unlock(&amt->lock); + + switch (event) { + case AMT_EVENT_RECEIVE: + amt_gw_rcv(amt, skb); + break; + case AMT_EVENT_SEND_DISCOVERY: + amt_event_send_discovery(amt); + break; + case AMT_EVENT_SEND_REQUEST: + amt_event_send_request(amt); + break; + default: + if (skb) + kfree_skb(skb); + break; + } + } +} + static int amt_err_lookup(struct sock *sk, struct sk_buff *skb) { struct amt_dev *amt; @@ -2892,10 +3007,21 @@ static int amt_dev_stop(struct net_device *dev) struct amt_dev *amt = netdev_priv(dev); struct amt_tunnel_list *tunnel, *tmp; struct socket *sock; + struct sk_buff *skb; + int i; cancel_delayed_work_sync(&amt->req_wq); cancel_delayed_work_sync(&amt->discovery_wq); cancel_delayed_work_sync(&amt->secret_wq); + cancel_work_sync(&amt->event_wq); + + for (i = 0; i < AMT_MAX_EVENTS; i++) { + skb = amt->events[i].skb; + if (skb) + kfree_skb(skb); + amt->events[i].event = AMT_EVENT_NONE; + amt->events[i].skb = NULL; + } /* shutdown */ sock = rtnl_dereference(amt->sock); @@ -3051,6 +3177,8 @@ static int amt_newlink(struct net *net, struct net_device *dev, amt->max_tunnels = AMT_MAX_TUNNELS; spin_lock_init(&amt->lock); + amt->event_idx = 0; + amt->nr_events = 0; amt->max_groups = AMT_MAX_GROUP; amt->max_sources = AMT_MAX_SOURCE; amt->hash_buckets = AMT_HSIZE; @@ -3146,8 +3274,8 @@ static int amt_newlink(struct net *net, struct net_device *dev, INIT_DELAYED_WORK(&amt->discovery_wq, amt_discovery_work); INIT_DELAYED_WORK(&amt->req_wq, amt_req_work); INIT_DELAYED_WORK(&amt->secret_wq, amt_secret_work); + INIT_WORK(&amt->event_wq, amt_event_work); INIT_LIST_HEAD(&amt->tunnel_list); - return 0; err: dev_put(amt->stream_dev); @@ -3280,7 +3408,7 @@ static int __init amt_init(void) if (err < 0) goto unregister_notifier; - amt_wq = alloc_workqueue("amt", WQ_UNBOUND, 1); + amt_wq = alloc_workqueue("amt", WQ_UNBOUND, 0); if (!amt_wq) { err = -ENOMEM; goto rtnl_unregister; diff --git a/include/net/amt.h b/include/net/amt.h index 0e40c3d64fcf..08fc30cf2f34 100644 --- a/include/net/amt.h +++ b/include/net/amt.h @@ -78,6 +78,15 @@ enum amt_status { #define AMT_STATUS_MAX (__AMT_STATUS_MAX - 1) +/* Gateway events only */ +enum amt_event { + AMT_EVENT_NONE, + AMT_EVENT_RECEIVE, + AMT_EVENT_SEND_DISCOVERY, + AMT_EVENT_SEND_REQUEST, + __AMT_EVENT_MAX, +}; + struct amt_header { #if defined(__LITTLE_ENDIAN_BITFIELD) u8 type:4, @@ -292,6 +301,12 @@ struct amt_group_node { struct hlist_head sources[]; }; +#define AMT_MAX_EVENTS 16 +struct amt_events { + enum amt_event event; + struct sk_buff *skb; +}; + struct amt_dev { struct net_device *dev; struct net_device *stream_dev; @@ -308,6 +323,7 @@ struct amt_dev { struct delayed_work req_wq; /* Protected by RTNL */ struct delayed_work secret_wq; + struct work_struct event_wq; /* AMT status */ enum amt_status status; /* Generated key */ @@ -345,6 +361,10 @@ struct amt_dev { /* Used only in gateway mode */ u64 mac:48, reserved:16; + /* AMT gateway side message handler queue */ + struct amt_events events[AMT_MAX_EVENTS]; + u8 event_idx; + u8 nr_events; }; #define AMT_TOS 0xc0 From patchwork Tue Jul 12 10:57:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914730 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D32D3C433EF for ; Tue, 12 Jul 2022 10:57:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232781AbiGLK5h (ORCPT ); Tue, 12 Jul 2022 06:57:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43008 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232732AbiGLK5b (ORCPT ); Tue, 12 Jul 2022 06:57:31 -0400 Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38E43AEF44 for ; Tue, 12 Jul 2022 03:57:30 -0700 (PDT) Received: by mail-pg1-x52d.google.com with SMTP id s206so7229722pgs.3 for ; Tue, 12 Jul 2022 03:57:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=K71MS99bqz99tan2aa/FDDH12hy8394zX/UitXYZGEs=; b=eA1rm4w6Fx0fZRqOYJimlzIG2zvmbB8m5tYv9Y1JKQWbcRRiThxlmPEQYvhIJmDonx MtE564Vg8Ron4N7cfolfdvIbrfAdPI9d55SAEC1QngK6vP6yfsyDEhXFaSUzA+BPIxrN T71amjmp1wgeyRL3wYwiKu3Z76VEbf1+oVCKzyY7VAmU3L3mV2HpT6jzgVcjKHzZ7yi0 VENd/wsKvg4tm6Wgy41u5fEb+gdv3dloWbFqUymHE0ikhjhfAsPDCOmqKJKU5kjn+JFr k247+6P+vomE8R6OXsmO4mH3ZTSHPxeEhufPvZoI15RvXGKZwZSDY4gcSay1uuofYapI YbGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=K71MS99bqz99tan2aa/FDDH12hy8394zX/UitXYZGEs=; b=yz2+OKnWR197KiHiTLyeed868a5u2Aefz/Wnplvmlwx6AZo3MBdJjr3I9t/6n++Jql mwPnfLqTsmfliDzebWAxJwf1uPLj0X9kUmmPnhgd4XBK/W1ncJgALno+wxnNAYBLGDCD 59dcXZpsvgoD5nhfB1kFdQ0CHEcQ7kF1NiEyOvoYAcQ1jZdvjlOgdT12xYY5sJ08/mRr oZjOoTGVCgSiWSGaqpQd42CS5mm7B3gWv7kPXYO+iIwtWgdDrPhMSeEe+kL/WJl/wFSX 7X/rKIQCnwy3YC1WVi/8mdHkEn8r+Ueypp3C9I9W6HFGuBwdMBjt7j7yraN3T6XKxYix ifqg== X-Gm-Message-State: AJIora+uRRr75T9w0dHJEXXr8c2vmI0NKsIYdmoXZrzqbhfrqKSHjc3G z8lVoWAuhxeadHIJdQ+u5kU= X-Google-Smtp-Source: AGRyM1vtaS/K/rmpIA7rjknq7p4F1ObPFn9CNzn3fiACx4w0ikB9MwKIqGO83Okm2/CMGWKthSky9Q== X-Received: by 2002:aa7:9583:0:b0:52a:f076:5043 with SMTP id z3-20020aa79583000000b0052af0765043mr1008312pfj.9.1657623449623; Tue, 12 Jul 2022 03:57:29 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:28 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 2/8] amt: remove unnecessary locks Date: Tue, 12 Jul 2022 10:57:08 +0000 Message-Id: <20220712105714.12282-3-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org By the previous patch, amt gateway handlers are changed to worked by a single thread. So, most locks for gateway are not needed. So, it removes. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 32 +++++--------------------------- 1 file changed, 5 insertions(+), 27 deletions(-) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index 032c2934e466..3ff8e522b92a 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -577,8 +577,8 @@ static struct sk_buff *amt_build_igmp_gq(struct amt_dev *amt) return skb; } -static void __amt_update_gw_status(struct amt_dev *amt, enum amt_status status, - bool validate) +static void amt_update_gw_status(struct amt_dev *amt, enum amt_status status, + bool validate) { if (validate && amt->status >= status) return; @@ -600,14 +600,6 @@ static void __amt_update_relay_status(struct amt_tunnel_list *tunnel, tunnel->status = status; } -static void amt_update_gw_status(struct amt_dev *amt, enum amt_status status, - bool validate) -{ - spin_lock_bh(&amt->lock); - __amt_update_gw_status(amt, status, validate); - spin_unlock_bh(&amt->lock); -} - static void amt_update_relay_status(struct amt_tunnel_list *tunnel, enum amt_status status, bool validate) { @@ -700,9 +692,7 @@ static void amt_send_discovery(struct amt_dev *amt) if (unlikely(net_xmit_eval(err))) amt->dev->stats.tx_errors++; - spin_lock_bh(&amt->lock); - __amt_update_gw_status(amt, AMT_STATUS_SENT_DISCOVERY, true); - spin_unlock_bh(&amt->lock); + amt_update_gw_status(amt, AMT_STATUS_SENT_DISCOVERY, true); out: rcu_read_unlock(); } @@ -937,18 +927,14 @@ static void amt_secret_work(struct work_struct *work) static void amt_event_send_discovery(struct amt_dev *amt) { - spin_lock_bh(&amt->lock); if (amt->status > AMT_STATUS_SENT_DISCOVERY) goto out; get_random_bytes(&amt->nonce, sizeof(__be32)); - spin_unlock_bh(&amt->lock); amt_send_discovery(amt); - spin_lock_bh(&amt->lock); out: mod_delayed_work(amt_wq, &amt->discovery_wq, msecs_to_jiffies(AMT_DISCOVERY_TIMEOUT)); - spin_unlock_bh(&amt->lock); } static void amt_discovery_work(struct work_struct *work) @@ -966,7 +952,6 @@ static void amt_event_send_request(struct amt_dev *amt) { u32 exp; - spin_lock_bh(&amt->lock); if (amt->status < AMT_STATUS_RECEIVED_ADVERTISEMENT) goto out; @@ -976,21 +961,18 @@ static void amt_event_send_request(struct amt_dev *amt) amt->ready4 = false; amt->ready6 = false; amt->remote_ip = 0; - __amt_update_gw_status(amt, AMT_STATUS_INIT, false); + amt_update_gw_status(amt, AMT_STATUS_INIT, false); amt->req_cnt = 0; goto out; } - spin_unlock_bh(&amt->lock); amt_send_request(amt, false); amt_send_request(amt, true); - spin_lock_bh(&amt->lock); - __amt_update_gw_status(amt, AMT_STATUS_SENT_REQUEST, true); + amt_update_gw_status(amt, AMT_STATUS_SENT_REQUEST, true); amt->req_cnt++; out: exp = min_t(u32, (1 * (1 << amt->req_cnt)), AMT_MAX_REQ_TIMEOUT); mod_delayed_work(amt_wq, &amt->req_wq, msecs_to_jiffies(exp * 1000)); - spin_unlock_bh(&amt->lock); } static void amt_req_work(struct work_struct *work) @@ -2386,12 +2368,10 @@ static bool amt_membership_query_handler(struct amt_dev *amt, ihv3 = skb_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS); skb_reset_transport_header(skb); skb_push(skb, sizeof(*iph) + AMT_IPHDR_OPTS); - spin_lock_bh(&amt->lock); amt->ready4 = true; amt->mac = amtmq->response_mac; amt->req_cnt = 0; amt->qi = ihv3->qqic; - spin_unlock_bh(&amt->lock); skb->protocol = htons(ETH_P_IP); eth->h_proto = htons(ETH_P_IP); ip_eth_mc_map(iph->daddr, eth->h_dest); @@ -2411,12 +2391,10 @@ static bool amt_membership_query_handler(struct amt_dev *amt, mld2q = skb_pull(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); skb_reset_transport_header(skb); skb_push(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); - spin_lock_bh(&amt->lock); amt->ready6 = true; amt->mac = amtmq->response_mac; amt->req_cnt = 0; amt->qi = mld2q->mld2q_qqic; - spin_unlock_bh(&amt->lock); skb->protocol = htons(ETH_P_IPV6); eth->h_proto = htons(ETH_P_IPV6); ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); From patchwork Tue Jul 12 10:57:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914731 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 68381CCA47C for ; Tue, 12 Jul 2022 10:57:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232805AbiGLK5l (ORCPT ); Tue, 12 Jul 2022 06:57:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43178 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232745AbiGLK5e (ORCPT ); Tue, 12 Jul 2022 06:57:34 -0400 Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C1781AEF50 for ; Tue, 12 Jul 2022 03:57:32 -0700 (PDT) Received: by mail-pl1-x635.google.com with SMTP id m14so6939274plg.5 for ; Tue, 12 Jul 2022 03:57:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=iMsIvLoy4gUgTHZwBFWQvUNHWvL/r9TQ3Q07LAwWE4s=; b=Jz81xJHGG0UNWsqYnwufThtFyPeTks+qZBzBZWsp9Gy19/bXdZTgKlHBlV476fH5Ob DgEpZ7UsABjNr0rR8jUUWgo7AGiXKworLtWrpibd78rUI6KCcPOi5EntV99NABeFG4q4 oUFOyQAuimL4w2im/Js4cK1tLI417zJ+/7LrrO2ijhikztPO+WuGJE+UWzuVJT40x3Y6 Io7pWanVgBGP2feYYXYwbpY8AjRjFnFjafk+6PZE6evV0TJMwQk9l8JyhfBuAriZ6DIK kigThDtQu5bw5Ep2VSUVAudoDrhRudEG3FzVHBJDAbQ+7e0mEHPFbnhSj3Wz2//r2R9v TgUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=iMsIvLoy4gUgTHZwBFWQvUNHWvL/r9TQ3Q07LAwWE4s=; b=JKM+dkLfex1eVP1OPrvHTCmeOXF26GAc6V0fDRdTT+v9b8VVGXVAeE1b//eF9fuksJ 4dCfy2EKgZlEF93UC0cM5JSR9NJ4r1Su1b9SPHv+/UuC3oT7B9LCS+rQQJsworACfyAq zV3UxdKikBfEZQoY4L1pSkNfKZpdAlp0+6bvWcvXBOcksA12oy6QB2hZPfTKEPZlnLoM DczULPdPPW37BJKWEhhz5vRtK3ZCstFnpFcwlezGiJ2ySvzzSPpMeFndtDd2ii3oSIrt Nl8cDsakZHv2i2Dy7MIyUGw2P69LHloKtzOojOA/A3OpXMo2sZsq2qbwNSkiCoTLlgS8 heEQ== X-Gm-Message-State: AJIora9+KCc1sbD07/38Q2j8/pcuzCl3c9L1Rk2coqW0TskmDLdhQCY1 NIuVDwAPNkGh/ULH12if2ATEg6PRB9o= X-Google-Smtp-Source: AGRyM1uieH5AoEzjOm/KWeRJ0EfODgzeAIB9T8ZQuckM2hmJiDwFR8yKsRqeez5nsDWYL1B1azGxdQ== X-Received: by 2002:a17:90b:1b41:b0:1f0:e99:ecc2 with SMTP id nv1-20020a17090b1b4100b001f00e99ecc2mr3603716pjb.122.1657623452169; Tue, 12 Jul 2022 03:57:32 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:31 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 3/8] amt: use READ_ONCE() in amt module Date: Tue, 12 Jul 2022 10:57:09 +0000 Message-Id: <20220712105714.12282-4-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org There are some data races in the amt module. amt->ready4, amt->ready6, and amt->status can be accessed concurrently without locks. So, it uses READ_ONCE() and WRITE_ONCE(). Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index 3ff8e522b92a..9977ce9e5ae0 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -584,7 +584,7 @@ static void amt_update_gw_status(struct amt_dev *amt, enum amt_status status, return; netdev_dbg(amt->dev, "Update GW status %s -> %s", status_str[amt->status], status_str[status]); - amt->status = status; + WRITE_ONCE(amt->status, status); } static void __amt_update_relay_status(struct amt_tunnel_list *tunnel, @@ -958,8 +958,8 @@ static void amt_event_send_request(struct amt_dev *amt) if (amt->req_cnt > AMT_MAX_REQ_COUNT) { netdev_dbg(amt->dev, "Gateway is not ready"); amt->qi = AMT_INIT_REQ_TIMEOUT; - amt->ready4 = false; - amt->ready6 = false; + WRITE_ONCE(amt->ready4, false); + WRITE_ONCE(amt->ready6, false); amt->remote_ip = 0; amt_update_gw_status(amt, AMT_STATUS_INIT, false); amt->req_cnt = 0; @@ -1239,7 +1239,8 @@ static netdev_tx_t amt_dev_xmit(struct sk_buff *skb, struct net_device *dev) /* Gateway only passes IGMP/MLD packets */ if (!report) goto free; - if ((!v6 && !amt->ready4) || (v6 && !amt->ready6)) + if ((!v6 && !READ_ONCE(amt->ready4)) || + (v6 && !READ_ONCE(amt->ready6))) goto free; if (amt_send_membership_update(amt, skb, v6)) goto free; @@ -2368,7 +2369,7 @@ static bool amt_membership_query_handler(struct amt_dev *amt, ihv3 = skb_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS); skb_reset_transport_header(skb); skb_push(skb, sizeof(*iph) + AMT_IPHDR_OPTS); - amt->ready4 = true; + WRITE_ONCE(amt->ready4, true); amt->mac = amtmq->response_mac; amt->req_cnt = 0; amt->qi = ihv3->qqic; @@ -2391,7 +2392,7 @@ static bool amt_membership_query_handler(struct amt_dev *amt, mld2q = skb_pull(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); skb_reset_transport_header(skb); skb_push(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS); - amt->ready6 = true; + WRITE_ONCE(amt->ready6, true); amt->mac = amtmq->response_mac; amt->req_cnt = 0; amt->qi = mld2q->mld2q_qqic; @@ -2897,7 +2898,7 @@ static int amt_err_lookup(struct sock *sk, struct sk_buff *skb) break; case AMT_MSG_REQUEST: case AMT_MSG_MEMBERSHIP_UPDATE: - if (amt->status >= AMT_STATUS_RECEIVED_ADVERTISEMENT) + if (READ_ONCE(amt->status) >= AMT_STATUS_RECEIVED_ADVERTISEMENT) mod_delayed_work(amt_wq, &amt->req_wq, 0); break; default: From patchwork Tue Jul 12 10:57:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914732 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DFDEEC433EF for ; Tue, 12 Jul 2022 10:57:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232835AbiGLK5r (ORCPT ); Tue, 12 Jul 2022 06:57:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43008 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232767AbiGLK5g (ORCPT ); Tue, 12 Jul 2022 06:57:36 -0400 Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4933AAEF5D for ; Tue, 12 Jul 2022 03:57:35 -0700 (PDT) Received: by mail-pj1-x1030.google.com with SMTP id t5-20020a17090a6a0500b001ef965b262eso7576147pjj.5 for ; Tue, 12 Jul 2022 03:57:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=/lasAI/mgs5KIK9C1Khk06SG6KwVYMLAc7wApcYxGdE=; b=NAaqxTb4mnvCxZvbPFHtRLaUb1uxId/KhvNkJSCxFlhcGoiAIRVSqz9DD1glFtulU+ y1kQQav0RtxglUgE9rYInS0mH71Lt/wgegBK1sPNi9XphkYvYDofjZlmqlHhRrk3teX5 iu0MtbRwRnogbYNoXi892ySJ3sVw87V5KOs6E0Sb4R66Ug/C5LOw6DtekFTKbwbzHnma 2GDhXmDmkq/fHiK1HyvLAGcGIJpWhIUJP152fepp/EhRl4lNpYBMQYsvlPzhdoA0xvs3 wZmR2+myyPtzwKOcsSpa0TYB8MsNv3N7DPS5RQfDDewbHRJa3DVufiuxNY1EguHtBuwq gUNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=/lasAI/mgs5KIK9C1Khk06SG6KwVYMLAc7wApcYxGdE=; b=aSR2fT6lZpSCd849LLPzQ1FFQpTeHlQszd4beMBEsIU6+cn9vhCsOk0BKJIZ305m9h pb4Sz3sUhNmmg2F1hYxiU1Uy8IEf5EWGgSglic8ok5FC2OFe4qsz35W6YH3wZdIu4cgt vKs50Frd+jey2OBEuB83AEfLwPnjunK7BL7M84OgbNII8JeQXYzgDMVNVAv30YTmI3ME vfilkxJeo9dDQ5O4JmbU/0XR7rSc0JyOiRMPBcNiVbtQw3rcLhC8CZpsRRxldPJ9357x lUqwFd6yW7ge0yOXFmmBQJqxx5oNdCFEF4fHtWT+ztyXSiK6/ZMVVc+0RSV0J5ISbahu J1Kg== X-Gm-Message-State: AJIora9GBt6ulJ7xxJ2WOEaUBrriE2qWNaOoTfiPOU7qOfcbZY+MvJ+X pAZkQKCM/oqHEHrU9B7Ns5jPGOLVIBE= X-Google-Smtp-Source: AGRyM1s86fF73ORB2EHZ8QE0RSz3r2Bp4tjnO10oICj3GwZZgP9mNz6N05foVUnVZ8GFQZPcPX3Svw== X-Received: by 2002:a17:902:c405:b0:16c:3cd:db84 with SMTP id k5-20020a170902c40500b0016c03cddb84mr23514085plk.6.1657623454708; Tue, 12 Jul 2022 03:57:34 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:34 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 4/8] amt: add missing regeneration nonce logic in request logic Date: Tue, 12 Jul 2022 10:57:10 +0000 Message-Id: <20220712105714.12282-5-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org When AMT gateway starts sending a new request message, it should regenerate the nonce variable. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index 9977ce9e5ae0..da2023d44da4 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -963,9 +963,13 @@ static void amt_event_send_request(struct amt_dev *amt) amt->remote_ip = 0; amt_update_gw_status(amt, AMT_STATUS_INIT, false); amt->req_cnt = 0; + amt->nonce = 0; goto out; } + if (!amt->req_cnt) + get_random_bytes(&amt->nonce, sizeof(__be32)); + amt_send_request(amt, false); amt_send_request(amt, true); amt_update_gw_status(amt, AMT_STATUS_SENT_REQUEST, true); From patchwork Tue Jul 12 10:57:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914733 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ADF24C43334 for ; Tue, 12 Jul 2022 10:57:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232858AbiGLK56 (ORCPT ); Tue, 12 Jul 2022 06:57:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42958 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232792AbiGLK5j (ORCPT ); Tue, 12 Jul 2022 06:57:39 -0400 Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12D83AEF58 for ; Tue, 12 Jul 2022 03:57:38 -0700 (PDT) Received: by mail-pl1-x634.google.com with SMTP id f11so6944905plr.4 for ; Tue, 12 Jul 2022 03:57:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=LGkTbdioxug+o55nGFoCPR9/jxeWCQA+0+9cOAeyyAI=; b=eqkN3TXtj1AGrUY3MhlIPi0Zew5y8+UJlE7qSJPnNFshCyfrAJvoY11MN9Q0I3UJX4 Okh/89SRXJHepTB5EZlQ4n/MxjVBh2ymfS++LPSqwahBYQ5z/z0jLfogrABgDpvhOndi StTro1Zv1SxsbritxpElwUqCMwHswL+pnZgY3r5DL95U1RlZxIlNchfDURl2SPZkPW0/ /Q0LjIRs6w38B2qW/05dAJSsfA0oHtCcrHNE3U74xpz/aM/tnxJ3qagvON/LDsgqJi9+ p5H0NdSSyK6cn8LbCrkXYTmC5ilblZPk8MOKblJlVleCssvxpGEyKsjwy6brI6PN7Wrj o1bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=LGkTbdioxug+o55nGFoCPR9/jxeWCQA+0+9cOAeyyAI=; b=gW0vpfTCPjke8XKdjnTO03x852Pe+9AQNweaRs3iTCXwfQ8JB97ZJW5+gwLMcpDOyV TLlWqivmOVEe7aoE6PG2Lw5z3SdwtuScpsh4ZgLfLlFlHi8iNnZe+nSmRgAlTPJpX0v2 xilpvKStZTg5iFoOjZ59aYp5naYOUfqXI4g6aEMtpRYGsLG6qxyDlKJsPwuqc4hsupkY lNX7XZGQ9flWtGjRZp8LxAcWfXSgipPDlFsUS3wkCR8UL3IjkfzljDxARxgIMoRX0UH7 cdkyNmaLvMKcrlBHdiQNGsZceu3rYu1A0LOnRppdrP52lJAfE+J0R/MSXzqFySxUaIuV NIbA== X-Gm-Message-State: AJIora+hD7yBH7gOx7vtVMoN78EquhvELFWAi+75rrNUbuoHR/HN6v7L cZTeJDwVVO8Re5wFh4HWkzc= X-Google-Smtp-Source: AGRyM1s7j96viMyWqmgG0MdBvQohds9buEzvyctWytiHHlmepsfCi1jxqpiRhzzOwCpnaLd8igP5wA== X-Received: by 2002:a17:90a:5101:b0:1ef:7fbb:7a22 with SMTP id t1-20020a17090a510100b001ef7fbb7a22mr3598461pjh.24.1657623457645; Tue, 12 Jul 2022 03:57:37 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:36 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 5/8] amt: drop unexpected advertisement message Date: Tue, 12 Jul 2022 10:57:11 +0000 Message-Id: <20220712105714.12282-6-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org AMT gateway interface should not receive unexpected advertisement messages. In order to drop these packets, it should check nonce and amt->status. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index da2023d44da4..6a12c32fb3a1 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -2260,6 +2260,10 @@ static bool amt_advertisement_handler(struct amt_dev *amt, struct sk_buff *skb) ipv4_is_zeronet(amta->ip4)) return true; + if (amt->status != AMT_STATUS_SENT_DISCOVERY || + amt->nonce != amta->nonce) + return true; + amt->remote_ip = amta->ip4; netdev_dbg(amt->dev, "advertised remote ip = %pI4\n", &amt->remote_ip); mod_delayed_work(amt_wq, &amt->req_wq, 0); @@ -2972,6 +2976,7 @@ static int amt_dev_open(struct net_device *dev) amt->req_cnt = 0; amt->remote_ip = 0; + amt->nonce = 0; get_random_bytes(&amt->key, sizeof(siphash_key_t)); amt->status = AMT_STATUS_INIT; From patchwork Tue Jul 12 10:57:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914734 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58C27CCA47C for ; Tue, 12 Jul 2022 10:58:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232887AbiGLK6A (ORCPT ); Tue, 12 Jul 2022 06:58:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43172 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232744AbiGLK5l (ORCPT ); Tue, 12 Jul 2022 06:57:41 -0400 Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9733AEF45 for ; Tue, 12 Jul 2022 03:57:40 -0700 (PDT) Received: by mail-pf1-x42f.google.com with SMTP id o12so7163578pfp.5 for ; Tue, 12 Jul 2022 03:57:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=sS1sxxt896YlUH8DlnqNj5vGkKCZA4/SobMileCBQiw=; b=PE7Mj6ktrq0WDR1s0P1e6EAd0/F7KSqa61YBCorR8nDzz06KRTld9UPHvoUZcH5dcN 0d6skSRbQIVEyrQW6Ri/59Vu6E9jHJy4bQaGSdAIH6py7TZo1GDRr1Lcf+bHsGR669D1 KiCyVKe6TYTC3ktbYsCnRzyiIUdJYeGw8HCYMxqu/4f14c/qKxsRPI9YkQ06qjSPYCaD NdCKFOvEP819y7fPj7km2a7aXrfD94Ey4CpBcbXt9hmLE/PrVzjF4yIfkLZvZ4xujKed 2JPYZUSEAzpKrxxsithJeBkdnHuiBNMZMLU9V5I+s+i2uN++ABsuth7vwBf08MCDkSR4 7hZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=sS1sxxt896YlUH8DlnqNj5vGkKCZA4/SobMileCBQiw=; b=feYZdrdc6dApiimoHcMAQ7AbM52h+B+gFIhCdsPa1N9pFSjcX0aGYHcPWPm9PfcDrQ kEYeFipoqWfUipf0n+YMb7/1KiS6HSG/ceVF5CoMVKY/ID8dwLjdMQp3ccZETzsyZ0pP YhUSCC0ZJMHgNKeWdmu5Zp7amHPQPAPbBrEky//QlVIDZun4X/aOJ86Blh7E4cuocmDc p3fO8awi8bPvcsWNB9BMGFlFcisNh0HbLMxZJ7hoa0pf5ZBxUpZYHotIIcNpESmT3eq+ OaYSF8T/tunNUFfDXuQS0gVwtEpAgQmdWPSEZ+/2ym//vf2tUby9lXWdnBdapA8aFY7p kObg== X-Gm-Message-State: AJIora91hH6HuYDqY0J843nrS+yUITin5ftoi5IPX1lMxn4hTBF3pTcA SXebgHDOCitEYxrwc0LwQ5g= X-Google-Smtp-Source: AGRyM1uoi+/p8SXUKIwaMhf58f5t+gpS9cLzXwPR8Ai8dyCdYqVl6GlDMybEvRm0n7PW4CdOStOObQ== X-Received: by 2002:a62:a113:0:b0:51c:1b4c:38d1 with SMTP id b19-20020a62a113000000b0051c1b4c38d1mr23066388pff.13.1657623460075; Tue, 12 Jul 2022 03:57:40 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:39 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 6/8] amt: drop unexpected query message Date: Tue, 12 Jul 2022 10:57:12 +0000 Message-Id: <20220712105714.12282-7-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org AMT gateway interface should not receive unexpected query messages. In order to drop unexpected query messages, it checks nonce. And it also checks ready4 and ready6 variables to drop duplicated messages. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index 6a12c32fb3a1..dbaf490cc33f 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -967,8 +967,11 @@ static void amt_event_send_request(struct amt_dev *amt) goto out; } - if (!amt->req_cnt) + if (!amt->req_cnt) { + WRITE_ONCE(amt->ready4, false); + WRITE_ONCE(amt->ready6, false); get_random_bytes(&amt->nonce, sizeof(__be32)); + } amt_send_request(amt, false); amt_send_request(amt, true); @@ -2353,6 +2356,9 @@ static bool amt_membership_query_handler(struct amt_dev *amt, if (amtmq->reserved || amtmq->version) return true; + if (amtmq->nonce != amt->nonce) + return true; + hdr_size -= sizeof(*eth); if (iptunnel_pull_header(skb, hdr_size, htons(ETH_P_TEB), false)) return true; @@ -2367,6 +2373,9 @@ static bool amt_membership_query_handler(struct amt_dev *amt, iph = ip_hdr(skb); if (iph->version == 4) { + if (READ_ONCE(amt->ready4)) + return true; + if (!pskb_may_pull(skb, sizeof(*iph) + AMT_IPHDR_OPTS + sizeof(*ihv3))) return true; @@ -2389,6 +2398,9 @@ static bool amt_membership_query_handler(struct amt_dev *amt, struct mld2_query *mld2q; struct ipv6hdr *ip6h; + if (READ_ONCE(amt->ready6)) + return true; + if (!pskb_may_pull(skb, sizeof(*ip6h) + AMT_IP6HDR_OPTS + sizeof(*mld2q))) return true; From patchwork Tue Jul 12 10:57:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914735 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF97ECCA47C for ; Tue, 12 Jul 2022 10:58:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232757AbiGLK6G (ORCPT ); Tue, 12 Jul 2022 06:58:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43192 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232746AbiGLK5o (ORCPT ); Tue, 12 Jul 2022 06:57:44 -0400 Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01B7BAEF6D for ; Tue, 12 Jul 2022 03:57:43 -0700 (PDT) Received: by mail-pg1-x52d.google.com with SMTP id s206so7230111pgs.3 for ; Tue, 12 Jul 2022 03:57:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ZmrZiQFBC6l990PQEciLe6BAOAE1sHLGUqsi0b7e6Dg=; b=KxjKQMr/lfbEXqjldbDjZ4pI+2u8vOX8/lneGr1gBHnlC5HJOVjOzIBOO/47gZzh0F 1rHfjAxvyUdi153eWc4ShkW8hBxHZByd/SV0fCcVyFaarVEupo8kIj+ATkJWm00izRbW WIzY6GkAo5sw3aVwMt4T6ek8412k4LUVnQW6aDuQZe2bbJ7NEmTyuQZZWflLftBaCGU2 Yu+dlVKTiRV8i418qvg24W6x4o39YibMG9a4e0F8O90zWi8QinmAJguHn8IBKcwANx1V VegAcSGDlFJ+sA8K0800YBGs80DEe6xPZEGHx2GZOKpi0F6ECLBWHGO0wlIJyUMOirJv /adQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ZmrZiQFBC6l990PQEciLe6BAOAE1sHLGUqsi0b7e6Dg=; b=reUS+Q/OSax+CGpto1TJduKpVBPKIRh06z5ZjMudip5Rybfsi1XJlAL3mKKM7Nqi+O ts1dnYwrdy0S8rY6cK/s4XfTJaG5/hPHeWfRuRHZF9RoFHohslKYrbGt+nq22Lp9Vj4t MlI3dNBuAKOVj/lNbKT30EWN/yEWCrZU6FlhzbUgpn1n0UJggkw/pz/or4NoGMCv3dsg Gt9y4gUF1baOp3SQTdKDRDstZd34qUO8uWfCn9XZWA+pN0IxwIMOOP57n5wO5IgNLHWv uH3X7WVTSSK1GvGfJKItlgOFvGyadYIHP6Q1t1IOTR5IrBjYkaZ7avfAYYJc8VnI5ZD0 rPaw== X-Gm-Message-State: AJIora+YsWc2i7PJqQGBUpSKq9tPq3YkA71oQoE8f6eFgTSFUjPFCXve nJbrQfKO3sy71ENHX+CMz9E= X-Google-Smtp-Source: AGRyM1szw81lcj7RQHvPWTU3UT0SS/kY+NskykmcWycABg+wJHVqvE9uShp9rr0Db9wsnVBo+JXsBw== X-Received: by 2002:a63:1e15:0:b0:411:c9e8:2f14 with SMTP id e21-20020a631e15000000b00411c9e82f14mr20543305pge.293.1657623462750; Tue, 12 Jul 2022 03:57:42 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:42 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 7/8] amt: drop unexpected multicast data Date: Tue, 12 Jul 2022 10:57:13 +0000 Message-Id: <20220712105714.12282-8-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org AMT gateway interface should not receive unexpected multicast data. Multicast data message type should be received after sending an update message, which means all establishment between gateway and relay is finished. So, amt_multicast_data_handler() checks amt->status. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index dbaf490cc33f..03decb3caa5c 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -2282,6 +2282,9 @@ static bool amt_multicast_data_handler(struct amt_dev *amt, struct sk_buff *skb) struct ethhdr *eth; struct iphdr *iph; + if (READ_ONCE(amt->status) != AMT_STATUS_SENT_UPDATE) + return true; + hdr_size = sizeof(*amtmd) + sizeof(struct udphdr); if (!pskb_may_pull(skb, hdr_size)) return true; From patchwork Tue Jul 12 10:57:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taehee Yoo X-Patchwork-Id: 12914736 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A70C5C43334 for ; Tue, 12 Jul 2022 10:58:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232925AbiGLK6P (ORCPT ); Tue, 12 Jul 2022 06:58:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43522 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232833AbiGLK5q (ORCPT ); Tue, 12 Jul 2022 06:57:46 -0400 Received: from mail-pl1-x633.google.com (mail-pl1-x633.google.com [IPv6:2607:f8b0:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B9B4EAEF63 for ; Tue, 12 Jul 2022 03:57:45 -0700 (PDT) Received: by mail-pl1-x633.google.com with SMTP id b2so6937530plx.7 for ; Tue, 12 Jul 2022 03:57:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=4uTFDPdsLupjidDuaAyhErndHQ6C20td2af7g/YXA8A=; b=lvhMy54dzXtcl0CUfiqayaLpTgqzI9JNDPAOKFjE0PzOyaOVe0Y3j8l1LZ481Jauxi ZqYiHDGzJ+Ck/wSTW6HYo/IP3i3TaVlgn3n5Wb7EBVTDsSuMMaxuH/l8GaMtG2Kwz2n4 f3el/GAyaUhKdt9kB9LVD1SxqL2ZWbfptTF6LUGdw3ylsjs9tzWzWTYm5+oJVakVsQj9 K4r/xSrEvBU6jpobdc04nKnYBBME7umbdDK8ODO1vfzq0o4iZoZm5AfuZ3YdCDebV7lQ uchv9We5csrZeoA6JL8y439VI3FxLnYtEhy0NzuSxmVX44UxsxqUov3mDXzS7/P1b9zU r2Sg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=4uTFDPdsLupjidDuaAyhErndHQ6C20td2af7g/YXA8A=; b=UmrX4l4jGLUW6gtMrjuiTIoplfopnAYXGaPexuIdYS6SB3u0Sq0gRh1NTxJa+0R9hY GUoxF6yPU57pb5sO8L28E7W5zgEis1VO6IDTx9XHE3qARqmy3AhBmwtyT1385Yl6uhjg MQtgKPvM1lkuZUq6bHpaTI1Iqu81/gM+/xjOZwwWlPjobPSwpwsWgqa+OnJEC7dHRpl4 cCU6iJuWAyhf8lqW1570xgvsldCaTQbV9WdlJmxIEsHnFgQ25EtAuVkUlotCdBOmn4i1 cSlgZynT0fDYFrZTt9nVscgspcRbUjtxqxQ1WOFBRmtxqG5gCu4s03g/BCD9q4Ji7J7i E/Qg== X-Gm-Message-State: AJIora9WXEeCZsh8OmGqrJZhrcSW5sAUGkRdu262RgqsNJI7eT51MpPO WXtoaUmkxDXO648D5vN2Jsc= X-Google-Smtp-Source: AGRyM1vB024gwJQvjf7x9WT1kua1FmKZwVyUumLXjZDsKdSju2Nfhvmrc7SVZPEdg67GiKPt0Rba/w== X-Received: by 2002:a17:90a:1a14:b0:1ef:91a9:3c91 with SMTP id 20-20020a17090a1a1400b001ef91a93c91mr3702277pjk.203.1657623465244; Tue, 12 Jul 2022 03:57:45 -0700 (PDT) Received: from localhost.localdomain ([182.213.254.91]) by smtp.gmail.com with ESMTPSA id im22-20020a170902bb1600b0016c37fe48casm5681714plb.193.2022.07.12.03.57.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Jul 2022 03:57:44 -0700 (PDT) From: Taehee Yoo To: davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com, edumazet@google.com, netdev@vger.kernel.org Cc: ap420073@gmail.com Subject: [PATCH net 8/8] amt: do not use amt->nr_tunnels outside of lock Date: Tue, 12 Jul 2022 10:57:14 +0000 Message-Id: <20220712105714.12282-9-ap420073@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220712105714.12282-1-ap420073@gmail.com> References: <20220712105714.12282-1-ap420073@gmail.com> Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org amt->nr_tunnels is protected by amt->lock. But, amt_request_handler() has been using this variable without the amt->lock. So, it expands context of amt->lock in the amt_request_handler() to protect amt->nr_tunnels variable. Fixes: cbc21dc1cfe9 ("amt: add data plane of amt interface") Signed-off-by: Taehee Yoo --- drivers/net/amt.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/net/amt.c b/drivers/net/amt.c index 03decb3caa5c..f23d2d270895 100644 --- a/drivers/net/amt.c +++ b/drivers/net/amt.c @@ -2679,7 +2679,9 @@ static bool amt_request_handler(struct amt_dev *amt, struct sk_buff *skb) if (tunnel->ip4 == iph->saddr) goto send; + spin_lock_bh(&amt->lock); if (amt->nr_tunnels >= amt->max_tunnels) { + spin_unlock_bh(&amt->lock); icmp_ndo_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0); return true; } @@ -2687,8 +2689,10 @@ static bool amt_request_handler(struct amt_dev *amt, struct sk_buff *skb) tunnel = kzalloc(sizeof(*tunnel) + (sizeof(struct hlist_head) * amt->hash_buckets), GFP_ATOMIC); - if (!tunnel) + if (!tunnel) { + spin_unlock_bh(&amt->lock); return true; + } tunnel->source_port = udph->source; tunnel->ip4 = iph->saddr; @@ -2701,10 +2705,9 @@ static bool amt_request_handler(struct amt_dev *amt, struct sk_buff *skb) INIT_DELAYED_WORK(&tunnel->gc_wq, amt_tunnel_expire); - spin_lock_bh(&amt->lock); list_add_tail_rcu(&tunnel->list, &amt->tunnel_list); tunnel->key = amt->key; - amt_update_relay_status(tunnel, AMT_STATUS_RECEIVED_REQUEST, true); + __amt_update_relay_status(tunnel, AMT_STATUS_RECEIVED_REQUEST, true); amt->nr_tunnels++; mod_delayed_work(amt_wq, &tunnel->gc_wq, msecs_to_jiffies(amt_gmi(amt)));