Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Several hash table refcount fixes in batman-adv, from Sven
Eckelmann.
2) Use after free in bpf_evict_inode(), from Daniel Borkmann.
3) Fix mdio bus registration in ixgbe, from Ivan Vecera.
4) Unbounded loop in __skb_try_recv_datagram(), from Paolo Abeni.
5) ila rhashtable corruption fix from Herbert Xu.
6) Don't allow upper-devices to be added to vrf devices, from Sabrina
Dubroca.
7) Add qmi_wwan device ID for Olicard 600, from Bjørn Mork.
8) Don't leave skb->next poisoned in __netif_receive_skb_list_ptype,
from Alexander Lobakin.
9) Missing IDR checks in mlx5 driver, from Aditya Pakki.
10) Fix false connection termination in ktls, from Jakub Kicinski.
11) Work around some ASPM issues with r8169 by disabling rx interrupt
coalescing on certain chips. From Heiner Kallweit.
12) Properly use per-cpu qstat values on NOLOCK qdiscs, from Paolo
Abeni.
13) Fully initialize sockaddr_in structures in SCTP, from Xin Long.
14) Various BPF flow dissector fixes from Stanislav Fomichev.
15) Divide by zero in act_sample, from Davide Caratti.
16) Fix bridging multicast regression introduced by rhashtable
conversion, from Nikolay Aleksandrov.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (106 commits)
ibmvnic: Fix completion structure initialization
ipv6: sit: reset ip header pointer in ipip6_rcv
net: bridge: always clear mcast matching struct on reports and leaves
libcxgb: fix incorrect ppmax calculation
vlan: conditional inclusion of FCoE hooks to match netdevice.h and bnx2x
sch_cake: Make sure we can write the IP header before changing DSCP bits
sch_cake: Use tc_skb_protocol() helper for getting packet protocol
tcp: Ensure DCTCP reacts to losses
net/sched: act_sample: fix divide by zero in the traffic path
net: thunderx: fix NULL pointer dereference in nicvf_open/nicvf_stop
net: hns: Fix sparse: some warnings in HNS drivers
net: hns: Fix WARNING when remove HNS driver with SMMU enabled
net: hns: fix ICMP6 neighbor solicitation messages discard problem
net: hns: Fix probabilistic memory overwrite when HNS driver initialized
net: hns: Use NAPI_POLL_WEIGHT for hns driver
net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
flow_dissector: rst'ify documentation
ipv6: Fix dangling pointer when ipv6 fragment
net-gro: Fix GRO flush when receiving a GSO packet.
flow_dissector: document BPF flow dissector environment
...
This commit is contained in:
Linus Torvalds
@@ -39,6 +39,58 @@ static struct bpf_flow_keys pkt_v6_flow_keys = {
|
||||
.n_proto = __bpf_constant_htons(ETH_P_IPV6),
|
||||
};
|
||||
|
||||
#define VLAN_HLEN 4
|
||||
|
||||
static struct {
|
||||
struct ethhdr eth;
|
||||
__u16 vlan_tci;
|
||||
__u16 vlan_proto;
|
||||
struct iphdr iph;
|
||||
struct tcphdr tcp;
|
||||
} __packed pkt_vlan_v4 = {
|
||||
.eth.h_proto = __bpf_constant_htons(ETH_P_8021Q),
|
||||
.vlan_proto = __bpf_constant_htons(ETH_P_IP),
|
||||
.iph.ihl = 5,
|
||||
.iph.protocol = IPPROTO_TCP,
|
||||
.iph.tot_len = __bpf_constant_htons(MAGIC_BYTES),
|
||||
.tcp.urg_ptr = 123,
|
||||
.tcp.doff = 5,
|
||||
};
|
||||
|
||||
static struct bpf_flow_keys pkt_vlan_v4_flow_keys = {
|
||||
.nhoff = VLAN_HLEN,
|
||||
.thoff = VLAN_HLEN + sizeof(struct iphdr),
|
||||
.addr_proto = ETH_P_IP,
|
||||
.ip_proto = IPPROTO_TCP,
|
||||
.n_proto = __bpf_constant_htons(ETH_P_IP),
|
||||
};
|
||||
|
||||
static struct {
|
||||
struct ethhdr eth;
|
||||
__u16 vlan_tci;
|
||||
__u16 vlan_proto;
|
||||
__u16 vlan_tci2;
|
||||
__u16 vlan_proto2;
|
||||
struct ipv6hdr iph;
|
||||
struct tcphdr tcp;
|
||||
} __packed pkt_vlan_v6 = {
|
||||
.eth.h_proto = __bpf_constant_htons(ETH_P_8021AD),
|
||||
.vlan_proto = __bpf_constant_htons(ETH_P_8021Q),
|
||||
.vlan_proto2 = __bpf_constant_htons(ETH_P_IPV6),
|
||||
.iph.nexthdr = IPPROTO_TCP,
|
||||
.iph.payload_len = __bpf_constant_htons(MAGIC_BYTES),
|
||||
.tcp.urg_ptr = 123,
|
||||
.tcp.doff = 5,
|
||||
};
|
||||
|
||||
static struct bpf_flow_keys pkt_vlan_v6_flow_keys = {
|
||||
.nhoff = VLAN_HLEN * 2,
|
||||
.thoff = VLAN_HLEN * 2 + sizeof(struct ipv6hdr),
|
||||
.addr_proto = ETH_P_IPV6,
|
||||
.ip_proto = IPPROTO_TCP,
|
||||
.n_proto = __bpf_constant_htons(ETH_P_IPV6),
|
||||
};
|
||||
|
||||
void test_flow_dissector(void)
|
||||
{
|
||||
struct bpf_flow_keys flow_keys;
|
||||
@@ -68,5 +120,21 @@ void test_flow_dissector(void)
|
||||
err, errno, retval, duration, size, sizeof(flow_keys));
|
||||
CHECK_FLOW_KEYS("ipv6_flow_keys", flow_keys, pkt_v6_flow_keys);
|
||||
|
||||
err = bpf_prog_test_run(prog_fd, 10, &pkt_vlan_v4, sizeof(pkt_vlan_v4),
|
||||
&flow_keys, &size, &retval, &duration);
|
||||
CHECK(size != sizeof(flow_keys) || err || retval != 1, "vlan_ipv4",
|
||||
"err %d errno %d retval %d duration %d size %u/%lu\n",
|
||||
err, errno, retval, duration, size, sizeof(flow_keys));
|
||||
CHECK_FLOW_KEYS("vlan_ipv4_flow_keys", flow_keys,
|
||||
pkt_vlan_v4_flow_keys);
|
||||
|
||||
err = bpf_prog_test_run(prog_fd, 10, &pkt_vlan_v6, sizeof(pkt_vlan_v6),
|
||||
&flow_keys, &size, &retval, &duration);
|
||||
CHECK(size != sizeof(flow_keys) || err || retval != 1, "vlan_ipv6",
|
||||
"err %d errno %d retval %d duration %d size %u/%lu\n",
|
||||
err, errno, retval, duration, size, sizeof(flow_keys));
|
||||
CHECK_FLOW_KEYS("vlan_ipv6_flow_keys", flow_keys,
|
||||
pkt_vlan_v6_flow_keys);
|
||||
|
||||
bpf_object__close(obj);
|
||||
}
|
||||
|
||||
@@ -92,7 +92,6 @@ static __always_inline int parse_eth_proto(struct __sk_buff *skb, __be16 proto)
|
||||
{
|
||||
struct bpf_flow_keys *keys = skb->flow_keys;
|
||||
|
||||
keys->n_proto = proto;
|
||||
switch (proto) {
|
||||
case bpf_htons(ETH_P_IP):
|
||||
bpf_tail_call(skb, &jmp_table, IP);
|
||||
@@ -119,10 +118,9 @@ static __always_inline int parse_eth_proto(struct __sk_buff *skb, __be16 proto)
|
||||
SEC("flow_dissector")
|
||||
int _dissect(struct __sk_buff *skb)
|
||||
{
|
||||
if (!skb->vlan_present)
|
||||
return parse_eth_proto(skb, skb->protocol);
|
||||
else
|
||||
return parse_eth_proto(skb, skb->vlan_proto);
|
||||
struct bpf_flow_keys *keys = skb->flow_keys;
|
||||
|
||||
return parse_eth_proto(skb, keys->n_proto);
|
||||
}
|
||||
|
||||
/* Parses on IPPROTO_* */
|
||||
@@ -336,15 +334,9 @@ PROG(VLAN)(struct __sk_buff *skb)
|
||||
{
|
||||
struct bpf_flow_keys *keys = skb->flow_keys;
|
||||
struct vlan_hdr *vlan, _vlan;
|
||||
__be16 proto;
|
||||
|
||||
/* Peek back to see if single or double-tagging */
|
||||
if (bpf_skb_load_bytes(skb, keys->thoff - sizeof(proto), &proto,
|
||||
sizeof(proto)))
|
||||
return BPF_DROP;
|
||||
|
||||
/* Account for double-tagging */
|
||||
if (proto == bpf_htons(ETH_P_8021AD)) {
|
||||
if (keys->n_proto == bpf_htons(ETH_P_8021AD)) {
|
||||
vlan = bpf_flow_dissect_get_header(skb, sizeof(*vlan), &_vlan);
|
||||
if (!vlan)
|
||||
return BPF_DROP;
|
||||
@@ -352,6 +344,7 @@ PROG(VLAN)(struct __sk_buff *skb)
|
||||
if (vlan->h_vlan_encapsulated_proto != bpf_htons(ETH_P_8021Q))
|
||||
return BPF_DROP;
|
||||
|
||||
keys->nhoff += sizeof(*vlan);
|
||||
keys->thoff += sizeof(*vlan);
|
||||
}
|
||||
|
||||
@@ -359,12 +352,14 @@ PROG(VLAN)(struct __sk_buff *skb)
|
||||
if (!vlan)
|
||||
return BPF_DROP;
|
||||
|
||||
keys->nhoff += sizeof(*vlan);
|
||||
keys->thoff += sizeof(*vlan);
|
||||
/* Only allow 8021AD + 8021Q double tagging and no triple tagging.*/
|
||||
if (vlan->h_vlan_encapsulated_proto == bpf_htons(ETH_P_8021AD) ||
|
||||
vlan->h_vlan_encapsulated_proto == bpf_htons(ETH_P_8021Q))
|
||||
return BPF_DROP;
|
||||
|
||||
keys->n_proto = vlan->h_vlan_encapsulated_proto;
|
||||
return parse_eth_proto(skb, vlan->h_vlan_encapsulated_proto);
|
||||
}
|
||||
|
||||
|
||||
@@ -5776,6 +5776,53 @@ const struct btf_dedup_test dedup_tests[] = {
|
||||
.dedup_table_size = 1, /* force hash collisions */
|
||||
},
|
||||
},
|
||||
{
|
||||
.descr = "dedup: void equiv check",
|
||||
/*
|
||||
* // CU 1:
|
||||
* struct s {
|
||||
* struct {} *x;
|
||||
* };
|
||||
* // CU 2:
|
||||
* struct s {
|
||||
* int *x;
|
||||
* };
|
||||
*/
|
||||
.input = {
|
||||
.raw_types = {
|
||||
/* CU 1 */
|
||||
BTF_STRUCT_ENC(0, 0, 1), /* [1] struct {} */
|
||||
BTF_PTR_ENC(1), /* [2] ptr -> [1] */
|
||||
BTF_STRUCT_ENC(NAME_NTH(1), 1, 8), /* [3] struct s */
|
||||
BTF_MEMBER_ENC(NAME_NTH(2), 2, 0),
|
||||
/* CU 2 */
|
||||
BTF_PTR_ENC(0), /* [4] ptr -> void */
|
||||
BTF_STRUCT_ENC(NAME_NTH(1), 1, 8), /* [5] struct s */
|
||||
BTF_MEMBER_ENC(NAME_NTH(2), 4, 0),
|
||||
BTF_END_RAW,
|
||||
},
|
||||
BTF_STR_SEC("\0s\0x"),
|
||||
},
|
||||
.expect = {
|
||||
.raw_types = {
|
||||
/* CU 1 */
|
||||
BTF_STRUCT_ENC(0, 0, 1), /* [1] struct {} */
|
||||
BTF_PTR_ENC(1), /* [2] ptr -> [1] */
|
||||
BTF_STRUCT_ENC(NAME_NTH(1), 1, 8), /* [3] struct s */
|
||||
BTF_MEMBER_ENC(NAME_NTH(2), 2, 0),
|
||||
/* CU 2 */
|
||||
BTF_PTR_ENC(0), /* [4] ptr -> void */
|
||||
BTF_STRUCT_ENC(NAME_NTH(1), 1, 8), /* [5] struct s */
|
||||
BTF_MEMBER_ENC(NAME_NTH(2), 4, 0),
|
||||
BTF_END_RAW,
|
||||
},
|
||||
BTF_STR_SEC("\0s\0x"),
|
||||
},
|
||||
.opts = {
|
||||
.dont_resolve_fwds = false,
|
||||
.dedup_table_size = 1, /* force hash collisions */
|
||||
},
|
||||
},
|
||||
{
|
||||
.descr = "dedup: all possible kinds (no duplicates)",
|
||||
.input = {
|
||||
|
||||
@@ -907,6 +907,44 @@
|
||||
.errstr = "call stack",
|
||||
.result = REJECT,
|
||||
},
|
||||
{
|
||||
"calls: stack depth check in dead code",
|
||||
.insns = {
|
||||
/* main */
|
||||
BPF_MOV64_IMM(BPF_REG_1, 0),
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call A */
|
||||
BPF_EXIT_INSN(),
|
||||
/* A */
|
||||
BPF_JMP_IMM(BPF_JEQ, BPF_REG_1, 0, 1),
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 2), /* call B */
|
||||
BPF_MOV64_IMM(BPF_REG_0, 0),
|
||||
BPF_EXIT_INSN(),
|
||||
/* B */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call C */
|
||||
BPF_EXIT_INSN(),
|
||||
/* C */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call D */
|
||||
BPF_EXIT_INSN(),
|
||||
/* D */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call E */
|
||||
BPF_EXIT_INSN(),
|
||||
/* E */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call F */
|
||||
BPF_EXIT_INSN(),
|
||||
/* F */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call G */
|
||||
BPF_EXIT_INSN(),
|
||||
/* G */
|
||||
BPF_RAW_INSN(BPF_JMP|BPF_CALL, 0, 1, 0, 1), /* call H */
|
||||
BPF_EXIT_INSN(),
|
||||
/* H */
|
||||
BPF_MOV64_IMM(BPF_REG_0, 0),
|
||||
BPF_EXIT_INSN(),
|
||||
},
|
||||
.prog_type = BPF_PROG_TYPE_XDP,
|
||||
.errstr = "call stack",
|
||||
.result = REJECT,
|
||||
},
|
||||
{
|
||||
"calls: spill into caller stack frame",
|
||||
.insns = {
|
||||
|
||||
@@ -143,6 +143,30 @@
|
||||
"$TC actions flush action sample"
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "7571",
|
||||
"name": "Add sample action with invalid rate",
|
||||
"category": [
|
||||
"actions",
|
||||
"sample"
|
||||
],
|
||||
"setup": [
|
||||
[
|
||||
"$TC actions flush action sample",
|
||||
0,
|
||||
1,
|
||||
255
|
||||
]
|
||||
],
|
||||
"cmdUnderTest": "$TC actions add action sample rate 0 group 1 index 2",
|
||||
"expExitCode": "255",
|
||||
"verifyCmd": "$TC actions get action sample index 2",
|
||||
"matchPattern": "action order [0-9]+: sample rate 1/0 group 1.*index 2 ref",
|
||||
"matchCount": "0",
|
||||
"teardown": [
|
||||
"$TC actions flush action sample"
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "b6d4",
|
||||
"name": "Add sample action with mandatory arguments and invalid control action",
|
||||
|
||||
Reference in New Issue
Block a user