[net-next,07/11] net: xps: embed nr_ids in dev_maps

Message ID	20210128144405.4157244-8-atenart@kernel.org (mailing list archive)
State	Superseded
Delegated to:	Netdev Maintainers
Headers	show Return-Path: <netdev-owner@kernel.org> From: Antoine Tenart <atenart@kernel.org> To: davem@davemloft.net, kuba@kernel.org, alexander.duyck@gmail.com Cc: Antoine Tenart <atenart@kernel.org>, netdev@vger.kernel.org Subject: [PATCH net-next 07/11] net: xps: embed nr_ids in dev_maps Date: Thu, 28 Jan 2021 15:44:01 +0100 Message-Id: <20210128144405.4157244-8-atenart@kernel.org> In-Reply-To: <20210128144405.4157244-1-atenart@kernel.org> References: <20210128144405.4157244-1-atenart@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	net: xps: improve the xps maps handling \| expand [net-next,00/11] net: xps: improve the xps maps handling [net-next,01/11] net-sysfs: convert xps_cpus_show to bitmap_zalloc [net-next,02/11] net-sysfs: store the return of get_netdev_queue_index in an unsigned int [net-next,03/11] net-sysfs: move the xps cpus/rxqs retrieval in a common function [net-next,04/11] net: embed num_tc in the xps maps [net-next,05/11] net: add an helper to copy xps maps to the new dev_maps [net-next,06/11] net: improve queue removal readability in __netif_set_xps_queue [net-next,07/11] net: xps: embed nr_ids in dev_maps [net-next,08/11] net: assert the rtnl lock is held when calling __netif_set_xps_queue [net-next,09/11] net: remove the xps possible_mask [net-next,10/11] net-sysfs: remove the rtnl lock when accessing the xps maps [net-next,11/11] net: move the xps maps to an array

Message ID

20210128144405.4157244-8-atenart@kernel.org (mailing list archive)

State

Superseded

Delegated to:

Netdev Maintainers

Headers

From: Antoine Tenart <atenart@kernel.org>
To: davem@davemloft.net, kuba@kernel.org, alexander.duyck@gmail.com
Cc: Antoine Tenart <atenart@kernel.org>, netdev@vger.kernel.org
Subject: [PATCH net-next 07/11] net: xps: embed nr_ids in dev_maps
Date: Thu, 28 Jan 2021 15:44:01 +0100
Message-Id: <20210128144405.4157244-8-atenart@kernel.org>
In-Reply-To: <20210128144405.4157244-1-atenart@kernel.org>
References: <20210128144405.4157244-1-atenart@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

net: xps: improve the xps maps handling | expand

Checks

Context	Check	Description
netdev/cover_letter	success	Link
netdev/fixes_present	success	Link
netdev/patch_count	success	Link
netdev/tree_selection	success	Clearly marked for net-next
netdev/subject_prefix	success	Link
netdev/cc_maintainers	warning	7 maintainers not CCed: andriin@fb.com daniel@iogearbox.net edumazet@google.com ap420073@gmail.com christian.brauner@ubuntu.com ast@kernel.org xiyou.wangcong@gmail.com
netdev/source_inline	success	Was 0 now: 0
netdev/verify_signedoff	success	Link
netdev/module_param	success	Was 0 now: 0
netdev/build_32bit	success	Errors and warnings before: 7149 this patch: 7149
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/verify_fixes	success	Link
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 106 lines checked
netdev/build_allmodconfig_warn	success	Errors and warnings before: 7549 this patch: 7549
netdev/header_inline	success	Link
netdev/stable	success	Stable not CCed

Context

Check

Description

netdev/cover_letter

success

Link

netdev/fixes_present

success

Link

netdev/patch_count

success

Link

netdev/tree_selection

success

Clearly marked for net-next

netdev/subject_prefix

success

Link

netdev/cc_maintainers

warning

7 maintainers not CCed: andriin@fb.com daniel@iogearbox.net edumazet@google.com ap420073@gmail.com christian.brauner@ubuntu.com ast@kernel.org xiyou.wangcong@gmail.com

netdev/source_inline

success

Was 0 now: 0

netdev/verify_signedoff

success

Link

netdev/module_param

success

Was 0 now: 0

netdev/build_32bit

success

Errors and warnings before: 7149 this patch: 7149

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/verify_fixes

success

Link

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 106 lines checked

netdev/build_allmodconfig_warn

success

Errors and warnings before: 7549 this patch: 7549

netdev/header_inline

success

Link

netdev/stable

success

Stable not CCed

Commit Message

Antoine Tenart Jan. 28, 2021, 2:44 p.m. UTC

Embed nr_ids (the number of cpu for the xps cpus map, and the number of
rxqs for the xps cpus map) in dev_maps. That will help not accessing out
of bound memory if those values change after dev_maps was allocated.

Suggested-by: Alexander Duyck <alexander.duyck@gmail.com>
Signed-off-by: Antoine Tenart <atenart@kernel.org>
---
 include/linux/netdevice.h |  4 ++++
 net/core/dev.c            | 26 +++++++++++---------------
 net/core/net-sysfs.c      |  4 ++--
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 481307de6983..f923eb97c446 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -780,6 +780,9 @@  struct xps_map {
 /*
  * This structure holds all XPS maps for device.  Maps are indexed by CPU.
  *
+ * We keep track of the number of cpus/rxqs used when the struct is allocated,
+ * in nr_ids. This will help not accessing out-of-bound memory.
+ *
  * We keep track of the number of traffic classes used when the struct is
  * allocated, in num_tc. This will be used to navigate the maps, to ensure we're
  * not crossing its upper bound, as the original dev->num_tc can be updated in
@@ -787,6 +790,7 @@  struct xps_map {
  */
 struct xps_dev_maps {
 	struct rcu_head rcu;
+	unsigned int nr_ids;
 	s16 num_tc;
 	struct xps_map __rcu *attr_map[]; /* Either CPUs map or RXQs map */
 };
diff --git a/net/core/dev.c b/net/core/dev.c
index 118cc0985ff1..2a0a777390c6 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2505,14 +2505,14 @@  static void reset_xps_maps(struct net_device *dev,
 }
 
 static void clean_xps_maps(struct net_device *dev, const unsigned long *mask,
-			   struct xps_dev_maps *dev_maps, unsigned int nr_ids,
-			   u16 offset, u16 count, bool is_rxqs_map)
+			   struct xps_dev_maps *dev_maps, u16 offset, u16 count,
+			   bool is_rxqs_map)
 {
+	unsigned int nr_ids = dev_maps->nr_ids;
 	bool active = false;
 	int i, j;
 
-	for (j = -1; j = netif_attrmask_next(j, mask, nr_ids),
-	     j < nr_ids;)
+	for (j = -1; j = netif_attrmask_next(j, mask, nr_ids), j < nr_ids;)
 		active |= remove_xps_queue_cpu(dev, dev_maps, j, offset,
 					       count);
 	if (!active)
@@ -2532,7 +2532,6 @@  static void netif_reset_xps_queues(struct net_device *dev, u16 offset,
 {
 	const unsigned long *possible_mask = NULL;
 	struct xps_dev_maps *dev_maps;
-	unsigned int nr_ids;
 
 	if (!static_key_false(&xps_needed))
 		return;
@@ -2542,11 +2541,9 @@  static void netif_reset_xps_queues(struct net_device *dev, u16 offset,
 
 	if (static_key_false(&xps_rxqs_needed)) {
 		dev_maps = xmap_dereference(dev->xps_rxqs_map);
-		if (dev_maps) {
-			nr_ids = dev->num_rx_queues;
-			clean_xps_maps(dev, possible_mask, dev_maps, nr_ids,
-				       offset, count, true);
-		}
+		if (dev_maps)
+			clean_xps_maps(dev, possible_mask, dev_maps, offset,
+				       count, true);
 	}
 
 	dev_maps = xmap_dereference(dev->xps_cpus_map);
@@ -2555,9 +2552,7 @@  static void netif_reset_xps_queues(struct net_device *dev, u16 offset,
 
 	if (num_possible_cpus() > 1)
 		possible_mask = cpumask_bits(cpu_possible_mask);
-	nr_ids = nr_cpu_ids;
-	clean_xps_maps(dev, possible_mask, dev_maps, nr_ids, offset, count,
-		       false);
+	clean_xps_maps(dev, possible_mask, dev_maps, offset, count, false);
 
 out_no_maps:
 	mutex_unlock(&xps_map_mutex);
@@ -2690,6 +2685,7 @@  int __netif_set_xps_queue(struct net_device *dev, const unsigned long *mask,
 				return -ENOMEM;
 			}
 
+			new_dev_maps->nr_ids = nr_ids;
 			new_dev_maps->num_tc = num_tc;
 		}
 
@@ -3943,7 +3939,7 @@  static int __get_xps_queue_idx(struct net_device *dev, struct sk_buff *skb,
 	struct xps_map *map;
 	int queue_index = -1;
 
-	if (tc >= dev_maps->num_tc)
+	if (tc >= dev_maps->num_tc || tci >= dev_maps->nr_ids)
 		return queue_index;
 
 	tci *= dev_maps->num_tc;
@@ -3982,7 +3978,7 @@  static int get_xps_queue(struct net_device *dev, struct net_device *sb_dev,
 	if (dev_maps) {
 		int tci = sk_rx_queue_get(sk);
 
-		if (tci >= 0 && tci < dev->num_rx_queues)
+		if (tci >= 0)
 			queue_index = __get_xps_queue_idx(dev, skb, dev_maps,
 							  tci);
 	}
diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c
index f606f3556ad7..5b7123d3b66f 100644
--- a/net/core/net-sysfs.c
+++ b/net/core/net-sysfs.c
@@ -1331,16 +1331,16 @@  static int xps_queue_show(struct net_device *dev, unsigned long **mask,
 
 	if (is_rxqs_map) {
 		dev_maps = rcu_dereference(dev->xps_rxqs_map);
-		nr_ids = dev->num_rx_queues;
 	} else {
 		dev_maps = rcu_dereference(dev->xps_cpus_map);
-		nr_ids = nr_cpu_ids;
 		if (num_possible_cpus() > 1)
 			possible_mask = cpumask_bits(cpu_possible_mask);
 	}
 	if (!dev_maps || tc >= dev_maps->num_tc)
 		goto rcu_unlock;
 
+	nr_ids = dev_maps->nr_ids;
+
 	for (j = -1; j = netif_attrmask_next(j, possible_mask, nr_ids),
 	     j < nr_ids;) {
 		int i, tci = j * dev_maps->num_tc + tc;