From patchwork Fri Aug 16 11:48:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 13766028 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-ej1-f49.google.com (mail-ej1-f49.google.com [209.85.218.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 11ACB198A2F for ; Fri, 16 Aug 2024 11:51:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809080; cv=none; b=ZTiSvD49sHYSIbeJRGm1QnOxcBc6u3JaaEjg5fgmtkfymE7b333DCYPBKPtMLmJ7LCD+rGxtwjzVzJ0NMFFz/AWd5CQONQ+xJajQZmUjx8xiuGifGBUvJUpxpq9t6GOHl9vui0xSTdL+F1gSqKp+RlgvZZlOsZydd6JfnBwqa0I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809080; c=relaxed/simple; bh=JO93xhbgSaTuYjxi+Cl4YUEu7bGerZYLXHtYiTT/wYY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ovFnfh5WDQ1oOhkNjskD4edoVTEcK1f3rilQuDSvQyeKwUHepKJOFza5hVPBGLecbwysO5IR2K6A+NJ4HmGxww4OSDIX9B9PsZpdUkmkZ42xM9YxvF9xO0egPYeqPa3diurwOAaFSaS1hAFzVnOA1+0VFkT9l4UtTIQXTYfBTSM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org; spf=none smtp.mailfrom=blackwall.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b=NTuTsYTH; arc=none smtp.client-ip=209.85.218.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=blackwall.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b="NTuTsYTH" Received: by mail-ej1-f49.google.com with SMTP id a640c23a62f3a-a80ea7084e9so105829766b.0 for ; Fri, 16 Aug 2024 04:51:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20230601.gappssmtp.com; s=20230601; t=1723809077; x=1724413877; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=O29xCPNUIaer8YJvgLSvXVeHF8sRBOh8qRqEGZYZ06I=; b=NTuTsYTHRg9zCGIA2ToaELGVVLBHy6uvR68Q01HXLaSQMU+AW0zf/IO7NdN+4fwean 61PIu68LmSIHNPh2/ZzI/Lku5pFIEblsxrTBdEoWsBa/sOBSXvv4lU03/PdO4owRecjT yQWGTAmYTFY/P4kTwXXBLYBMlJ5w0KsFGHy97eCOtZx3/b2q2EkYQHGDtUHt76vCUwk3 qzgK7Mh+KMFX1xZtVeY4KxGnBiHYdfCsB1Q7HwBo+1flYFFd5GU60/TrtyT2Iwk5PEJN eT7x4ZCbcLvNVRfACCwvplZTguM+Q1XDYVyBk8pvx0uE793ngMxuEDPduhSZEcLEbk6a bpVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723809077; x=1724413877; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O29xCPNUIaer8YJvgLSvXVeHF8sRBOh8qRqEGZYZ06I=; b=jZg7Hq+Pwxf2tDSzLMerQpl88MI0S5AosNcDRiQr/oIehsSZyhE8qPP15+Wys5ajwO h8PnToTGy7pUrAMZtakFXbmYSHFPg2wHICxkzdWAdHEFZvm/fv0k5WiDc34K1NhrK77a smLmhpQZnLb+KV4rT3UUyT8BDLVhzgW2X3SyN2F9WJ5bPKdyMoH5XfBjJrm4MVUqWhad s0wQf6/wsAmqfgfZoMUypyy2QqIL67D6XrMZaycAGpGc5HPYDR+CgY2iJg91sseqS13N Pxz+bDPbwKK7CovFB+EZ31PW7wfFin32b0CQSSLZ8l4uCw81pVlxSKQ+7qgoPGoU7Uhv s73g== X-Gm-Message-State: AOJu0Yy0mAg2CkUlERUoNSDVbdEF7esRogeq/HWZMBKpV/08vcC+Ldq5 vXk527GFwaHLlwQIcdt9TNZkdq1joLFmduuHLRwGqlASupCKynQW9Zi8gp3DFWOCNDTVphI7ZdG m X-Google-Smtp-Source: AGHT+IE6Q/nHSMjbkfeXvNXGMkTgqve2YDIQIW9PCdqFyozXNBnlvN/G9zRZv5WkXP9EYvo1R1zXEg== X-Received: by 2002:a05:6402:50cb:b0:5a1:f9bc:7f13 with SMTP id 4fb4d7f45d1cf-5beca5ae7ccmr2228090a12.22.1723809076220; Fri, 16 Aug 2024 04:51:16 -0700 (PDT) Received: from debil.. ([62.73.69.208]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5bebbde7cd4sm2152845a12.39.2024.08.16.04.51.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 04:51:15 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: Taehee Yoo , davem@davemloft.net, jv@jvosburgh.net, andy@greyhouse.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jarod@redhat.com, Nikolay Aleksandrov Subject: [PATCH net 1/4] bonding: fix bond_ipsec_offload_ok return type Date: Fri, 16 Aug 2024 14:48:10 +0300 Message-ID: <20240816114813.326645-2-razor@blackwall.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240816114813.326645-1-razor@blackwall.org> References: <20240816114813.326645-1-razor@blackwall.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org Fix the return type which should be bool. Fixes: 955b785ec6b3 ("bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()") Signed-off-by: Nikolay Aleksandrov Reviewed-by: Hangbin Liu --- drivers/net/bonding/bond_main.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 1cd92c12e782..85b5868deeea 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -599,34 +599,28 @@ static bool bond_ipsec_offload_ok(struct sk_buff *skb, struct xfrm_state *xs) struct net_device *real_dev; struct slave *curr_active; struct bonding *bond; - int err; + bool ok = false; bond = netdev_priv(bond_dev); rcu_read_lock(); curr_active = rcu_dereference(bond->curr_active_slave); real_dev = curr_active->dev; - if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP) { - err = false; + if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP) goto out; - } - if (!xs->xso.real_dev) { - err = false; + if (!xs->xso.real_dev) goto out; - } if (!real_dev->xfrmdev_ops || !real_dev->xfrmdev_ops->xdo_dev_offload_ok || - netif_is_bond_master(real_dev)) { - err = false; + netif_is_bond_master(real_dev)) goto out; - } - err = real_dev->xfrmdev_ops->xdo_dev_offload_ok(skb, xs); + ok = real_dev->xfrmdev_ops->xdo_dev_offload_ok(skb, xs); out: rcu_read_unlock(); - return err; + return ok; } static const struct xfrmdev_ops bond_xfrmdev_ops = { From patchwork Fri Aug 16 11:48:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 13766029 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-lj1-f181.google.com (mail-lj1-f181.google.com [209.85.208.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 913E61A4F04 for ; Fri, 16 Aug 2024 11:51:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809082; cv=none; b=kKFq7g4BXatwylAM2WMRKiwsfFCt4rTlZJr22GKg6Yd69gZRoZid4SGM6/RwLSHnkH/L8dUBcq/aLHxwQLN03gtR5aeilrpy9CLol2zQcOAMpFpm84HnEzP+Q+JnXHLLNnc9/DHBAOys1zjzkMcyiYfJWR8k5m9+PEdOZat4ztU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809082; c=relaxed/simple; bh=e4yCprVhrRgw9grxhItSNzy/3aPExuxQDvLJ+oDK3Mc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=tMVW3WhyoS6rautM3gCUh6b+7QFOorn38dFqx7H0tKVyvfAjgSZNlHxcOSwW7tYBZHJxe4Z9RvR7waNgj82Z2ii5dpbtnh7+AMT2hsJ0rOd+fc8iF18zzifpvvUTSlh2ATghe8z7W/lCQQymb6+RAvghA/Kx/VdLL4LE1Ea6TI8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org; spf=none smtp.mailfrom=blackwall.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b=2hfyfYZK; arc=none smtp.client-ip=209.85.208.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=blackwall.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b="2hfyfYZK" Received: by mail-lj1-f181.google.com with SMTP id 38308e7fff4ca-2f3b8eb3df5so18666601fa.1 for ; Fri, 16 Aug 2024 04:51:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20230601.gappssmtp.com; s=20230601; t=1723809078; x=1724413878; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UsP6OZY8FtG8kzDC28hz+qK5+Ulw5BlZI/hR6ZEydh4=; b=2hfyfYZKo+QndD/foFjPxjWVZOzg1s8EIGKP5Dsy32ZOc/bcMeIUvP2X46S5GbnGQK 7kivW7JJI6XtBEhR/VghdHj6ZDARwGPG2qLaWt9Ub9uRewg+2IEBi1SMgcCCnT/iAE2L i0wRweJtMjgYH2OJqK1MFN30T4TYPmmeeD02Rz6YQ0875oUioOPNQ2CTvhfKH13UsYvP FpdWEZ420l1mO6S2VIEcQGx/F8vB0KGhtqdSLFlzyyllSdDrF+3RxxCAYkKCa5JKw/na 91onFZHhBg4eLoWSNyfCB5MmU7aBLghmMMBQEs680mmJorBVN3hiLOMBjs4WljA8Jnty mqoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723809078; x=1724413878; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UsP6OZY8FtG8kzDC28hz+qK5+Ulw5BlZI/hR6ZEydh4=; b=ueKI6hiT8SOZfWgrfXp5FP+91eSvPUrFT871ely3GDdlEcCRZTRVJbVDqZdbVNnuY8 p2bvtIpw9wU1OGKQRMLsKLwQLDgtkwb9b7ErGVrvdVx/5c1l1gdJiF3l30uFLgd8BIs3 ggv+CMbb1sYSJHSxDie5YiajJoDNcazqEJPPWuF2Zb8WgtiYtc0G8xUNuxIB0EyMlXWc d5x3dqu2PnOqpuI1srIp/zOU9AD/pcDO5N3BCZq0jm3vhRvNtOq885kF1br7XFiG4Zl2 N2miBzK5oiuRwSmLRfAUhODb0f0ozlBZenewABylW4nHHhMNA0YfKSDWX4qp0UhxZs51 39ZQ== X-Gm-Message-State: AOJu0YyYLxAj+5U+rHUQPacPeqJK8nIwn99BEIqs9y8n/Goi1G4kFj+r tjRRYn2qxx7x2p1u5Mhnxn1Zw1fPOwHajDn6PDI8c1IKymvfnaDevngh6UqV43C7KQA6MHOrGFz u X-Google-Smtp-Source: AGHT+IG6CxhChwVrT/Qat9JiXfnPgV4L91W7mQyYBy8kFsVtGShhXw4KYTqnsErboWW/51T8Uah86Q== X-Received: by 2002:a2e:9d18:0:b0:2ef:26ec:44ea with SMTP id 38308e7fff4ca-2f3be60118fmr16538221fa.39.1723809077405; Fri, 16 Aug 2024 04:51:17 -0700 (PDT) Received: from debil.. ([62.73.69.208]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5bebbde7cd4sm2152845a12.39.2024.08.16.04.51.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 04:51:16 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: Taehee Yoo , davem@davemloft.net, jv@jvosburgh.net, andy@greyhouse.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jarod@redhat.com, Nikolay Aleksandrov Subject: [PATCH net 2/4] bonding: fix null pointer deref in bond_ipsec_offload_ok Date: Fri, 16 Aug 2024 14:48:11 +0300 Message-ID: <20240816114813.326645-3-razor@blackwall.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240816114813.326645-1-razor@blackwall.org> References: <20240816114813.326645-1-razor@blackwall.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org We must check if there is an active slave before dereferencing the pointer. Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves") Signed-off-by: Nikolay Aleksandrov Reviewed-by: Hangbin Liu Reviewed-by: Eric Dumazet --- drivers/net/bonding/bond_main.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 85b5868deeea..65ddb71eebcd 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -604,6 +604,8 @@ static bool bond_ipsec_offload_ok(struct sk_buff *skb, struct xfrm_state *xs) bond = netdev_priv(bond_dev); rcu_read_lock(); curr_active = rcu_dereference(bond->curr_active_slave); + if (!curr_active) + goto out; real_dev = curr_active->dev; if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP) From patchwork Fri Aug 16 11:48:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 13766030 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 21BEA1AD3EF for ; Fri, 16 Aug 2024 11:51:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.52 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809082; cv=none; b=K+DSmq4Fxi5Y7OT8014n83U5cZNtPHq+xpv7Dnk4fEb36+2hX2BH67fqp8q4VYUZ6ExjP51GOGuU3ONPnG9DOrv8Xw6eEBmbA2zDGYbiX+GoJMCjEqDK3iQzX+zsH3L5Vhu8WRAqq8N4P6j1rphQA8x/1DI/aFssgFcnlK3MlVI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809082; c=relaxed/simple; bh=Xkbzi/UxFj0mtxCXA7fLuLqNIKDKx7Shm7l6a3IUs14=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GHjZbgr2zbrhfb7W2qGmTDLncHicsJ2VE/Vu3nG9nsmN9OoDb3udaGWSnf7+u8hBF40ZEvoWJn9XS8KOT2165uT37BBHByW41+Mq1q7ZNtdk8XkSOUWaaye/zFV5oBeH6B7tGRX6fxh4HzwA8G1jFYCERAURDQTM1NPM8go/K58= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org; spf=none smtp.mailfrom=blackwall.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b=2JxkzdTy; arc=none smtp.client-ip=209.85.208.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=blackwall.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b="2JxkzdTy" Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-5beb6ea9ed6so1996975a12.1 for ; Fri, 16 Aug 2024 04:51:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20230601.gappssmtp.com; s=20230601; t=1723809079; x=1724413879; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Ou8Kfu9k+15Hd/VmyVXRlFZQLlHIVY7EJ/iMOj0jNJg=; b=2JxkzdTyc8lOxNLjnxzEAuME9NFgsq/SJRp3072F8Gj8x4eR3cxF51esnStkOZZtXv P8Cwpj03LJApX6X/SAn4pxPYonQ/PP36KvkOf1rGIeR7vvsWJQUg2gCbvyJQfX76WCnb I3fF20qiPL3syeeoqF6AIPcvned/WvnHytbB+rCQ7chQmnuv11DbayFeMphmANUAg7EI LbnC597pQdTA2FkOBNT/Y1te6QYUqZzhnmlRomYsj4haDf9fIOPmkE55GI3HMAxEnrnV bsBlv25Gq+qVD7KKXmla3JZt0ZD1IwPMHVQBPN5rF+DiOMZWx6Jz9eBRmUn8t6WSnF7b WO5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723809079; x=1724413879; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ou8Kfu9k+15Hd/VmyVXRlFZQLlHIVY7EJ/iMOj0jNJg=; b=BZ3vtIQa0rlG60ynglCSUNapa2kNhI+GJfbMSjC0SIz38Zo1fXom82w1NA4KnFSKk0 Ktmzxo6XzTWsnzaGhMRNyzYlUvmxl/NmrMQmso/m2ez6AtEzdWSAHVR62Ks+LU7O4rOP GeEmoqP6sY41B7RsXePjlxEvfznuOMktJrKJ/QSmM4Q7s/wuJq90VEbLRn3IEjyq9za2 C/lrXzTReV+jt8cBzcCHHGP060X1dwAecuxt45kg3TDAhpHQjtqxx/QMiHekrtqgHIa7 18LLieLvInrkHz4fwuHLViL3FnF9AttYKcS2KKd7Hcs6vMYtvjczAXxYfVlvqvXI0FnA LA7Q== X-Gm-Message-State: AOJu0Yz9ZmfbuBjOSxwDxbRF66OExHpElmNtBm2XMLsg+Da5kf/RTRjE 5rlWe5tCdOKs2p1vkBJOxk0y42HOpCOKMwMXBd6SfN2/JAGCssim3dboBaOoUVsjjJJiwNu3V+K A X-Google-Smtp-Source: AGHT+IFdmBrIZTNRP7qVRuqYUDV/iuxap7POx2Ksg3Tr2SE2qbGfT9XeM+oPjanbL//DES9NJ8DweA== X-Received: by 2002:a05:6402:5206:b0:5a2:1f7b:e017 with SMTP id 4fb4d7f45d1cf-5beca4da60dmr1881346a12.4.1723809078563; Fri, 16 Aug 2024 04:51:18 -0700 (PDT) Received: from debil.. ([62.73.69.208]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5bebbde7cd4sm2152845a12.39.2024.08.16.04.51.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 04:51:18 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: Taehee Yoo , davem@davemloft.net, jv@jvosburgh.net, andy@greyhouse.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jarod@redhat.com, Nikolay Aleksandrov Subject: [PATCH net 3/4] bonding: fix xfrm real_dev null pointer dereference Date: Fri, 16 Aug 2024 14:48:12 +0300 Message-ID: <20240816114813.326645-4-razor@blackwall.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240816114813.326645-1-razor@blackwall.org> References: <20240816114813.326645-1-razor@blackwall.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume real_dev is set. Example trace: kernel: BUG: unable to handle page fault for address: 0000000000001030 kernel: bond0: (slave eni0np1): making interface the new active one kernel: #PF: supervisor write access in kernel mode kernel: #PF: error_code(0x0002) - not-present page kernel: PGD 0 P4D 0 kernel: Oops: 0002 [#1] PREEMPT SMP kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12 kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f kernel: bond0: (slave eni0np1): making interface the new active one kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60 kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00 kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014 kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000 kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000 kernel: FS: 00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0 kernel: bond0: (slave eni0np1): making interface the new active one kernel: Call Trace: kernel: kernel: ? __die+0x1f/0x60 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: ? page_fault_oops+0x142/0x4c0 kernel: ? do_user_addr_fault+0x65/0x670 kernel: ? kvm_read_and_reset_apf_flags+0x3b/0x50 kernel: bond0: (slave eni0np1): making interface the new active one kernel: ? exc_page_fault+0x7b/0x180 kernel: ? asm_exc_page_fault+0x22/0x30 kernel: ? nsim_bpf_uninit+0x50/0x50 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): making interface the new active one kernel: bond_ipsec_offload_ok+0x7b/0x90 [bonding] kernel: xfrm_output+0x61/0x3b0 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: ip_push_pending_frames+0x56/0x80 Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves") Signed-off-by: Nikolay Aleksandrov Reviewed-by: Hangbin Liu --- drivers/net/bonding/bond_main.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 65ddb71eebcd..f74bacf071fc 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -582,7 +582,6 @@ static void bond_ipsec_del_sa_all(struct bonding *bond) } else { slave->dev->xfrmdev_ops->xdo_dev_state_delete(ipsec->xs); } - ipsec->xs->xso.real_dev = NULL; } spin_unlock_bh(&bond->ipsec_lock); rcu_read_unlock(); From patchwork Fri Aug 16 11:48:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 13766031 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-ed1-f47.google.com (mail-ed1-f47.google.com [209.85.208.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1F2CD1AED5A for ; Fri, 16 Aug 2024 11:51:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809084; cv=none; b=Ev/AkYd3/0rwJOul9fSktJPE37yU7Pv8363urjT0LEBpmt5g0QrGcQMGycYskVVvhWsmJlaVj9hODqFJSXXQmzE4Uh3ObpBq8xxXU3M/EjG1rt+LUC47ioE7vcf7HlkyBcAtNckCHHYRUXr17wox0z2BiZUiKLhR3rMSXKosBz8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723809084; c=relaxed/simple; bh=LL2022vgq8zz9q62sp2CaDsGevnAVzpMLQ2w63/beKE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BytIdQpoJZMeRGrKCjx64x6KIj/zKFhRcsrFQvYozrrsZr95uUwiLWbPzmFHDoDRZKs2JwrEZDfoBZ41kHxYbXhDTumpNomwjraaQ8pCKYnJdW61e1n73H3dFP1eEFupdSs8eqkeXogxPhZvpoYsrsebehJI1KQ/AHqVj3jUUjk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org; spf=none smtp.mailfrom=blackwall.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b=S6/yC55a; arc=none smtp.client-ip=209.85.208.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=blackwall.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=blackwall.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=blackwall-org.20230601.gappssmtp.com header.i=@blackwall-org.20230601.gappssmtp.com header.b="S6/yC55a" Received: by mail-ed1-f47.google.com with SMTP id 4fb4d7f45d1cf-5bed83488b3so250020a12.0 for ; Fri, 16 Aug 2024 04:51:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20230601.gappssmtp.com; s=20230601; t=1723809081; x=1724413881; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lK754GCTcj/koNjNrd8Tfk7S3dTbfT2VufTJv13Pygs=; b=S6/yC55apwnQKs6w5wp3GF0VThifFCrTwZvI825vsG4ZJZn/TIVzUWSlqQT078FX3Z k69koYnNr8laoC8Mbfuyzq/8e62sSnVGU4PUFm7LdAN1mRsclE4h4ClvQ0NiwkAkJi7/ f/LtCuAi8jYz6qI3v1OvZoOidt2sIKKq9LYCNe9YMndBD7aFAmpR4nilh2PTICXMCSaM Dc+jnnsZ+s9UbzFjgY799+NkHajuWs/doujLxylJeOtLfFPq3bRsGyyHH4zb71yDzuIq CHA0S419C9VNBQih8zMXLJf4Kr1ew8TSkSxJ3iTHCVhMdxGZKWPmEGW8pYWOov/vHx82 zXPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723809081; x=1724413881; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lK754GCTcj/koNjNrd8Tfk7S3dTbfT2VufTJv13Pygs=; b=CobA+07wWEAuK4SPBu4L+K3F/xbEGUKF6UfkpOTKHFAGnL7mmcshR18/xHHIRVsiHN rINmlSNCgLMOtTWakskqW9C3DkdQN0SxXfKOqhMbEw5NO0yMGXh8MMThT66/CqlCnc7G xVjThLC4+dTchRGkfaIzqPwIMXEJZpGL2z0sidD6Soai4E/1HM77A8DmogI2YQtXJMDt MSeXqIW9TUPcLaUw6XEAAiFxxvHbRn3FIc6OK1hGd5DGhKRFlOOmGzRrrvajX9n5kVrt FjkaRPSkPjJqrapzjI/zogOGk95Pm7/lxRZqwAm097w5kYs7VqgDZpRmB9zWMh/W+hUg wvFQ== X-Gm-Message-State: AOJu0Yw2wfxvKDZbxaIszyahK/aTRoWW2dHDjiR0UR6+05Tmf4xsRR52 7vFuwMTpqwoPCczTIR9ttnQ4w7U7MshlqA77yI8qgtWDF75oUi0Hjv/KMaba7T6loJ7ZO903pob R X-Google-Smtp-Source: AGHT+IE3WO9LgSh9AVJo38ExBTocHOMo0UOuOeTPMsHqUjUGNVkSLcGRsE3o5YqFexfZlPJIdwTEew== X-Received: by 2002:a05:6402:1d50:b0:5bb:8e11:6bf with SMTP id 4fb4d7f45d1cf-5beca8c8e88mr1921782a12.38.1723809080655; Fri, 16 Aug 2024 04:51:20 -0700 (PDT) Received: from debil.. ([62.73.69.208]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5bebbde7cd4sm2152845a12.39.2024.08.16.04.51.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 04:51:19 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: Taehee Yoo , davem@davemloft.net, jv@jvosburgh.net, andy@greyhouse.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jarod@redhat.com, Nikolay Aleksandrov Subject: [PATCH net 4/4] bonding: fix xfrm state handling when clearing active slave Date: Fri, 16 Aug 2024 14:48:13 +0300 Message-ID: <20240816114813.326645-5-razor@blackwall.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240816114813.326645-1-razor@blackwall.org> References: <20240816114813.326645-1-razor@blackwall.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org If the active slave is cleared manually the xfrm state is not flushed. This leads to xfrm add/del imbalance and adding the same state multiple times. For example when the device cannot handle anymore states we get: [ 1169.884811] bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA because it's filled with the same state after multiple active slave clearings. This change also has a few nice side effects: user-space gets a notification for the change, the old device gets its mac address and promisc/mcast adjusted properly. Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves") Signed-off-by: Nikolay Aleksandrov Reviewed-by: Hangbin Liu --- Please review this one more carefully. I plan to add a selftest with netdevsim for this as well. drivers/net/bonding/bond_options.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/bonding/bond_options.c b/drivers/net/bonding/bond_options.c index bc80fb6397dc..95d59a18c022 100644 --- a/drivers/net/bonding/bond_options.c +++ b/drivers/net/bonding/bond_options.c @@ -936,7 +936,7 @@ static int bond_option_active_slave_set(struct bonding *bond, /* check to see if we are clearing active */ if (!slave_dev) { netdev_dbg(bond->dev, "Clearing current active slave\n"); - RCU_INIT_POINTER(bond->curr_active_slave, NULL); + bond_change_active_slave(bond, NULL); bond_select_active_slave(bond); } else { struct slave *old_active = rtnl_dereference(bond->curr_active_slave);