From patchwork Fri Apr 21 21:25:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Tammela X-Patchwork-Id: 13220685 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 572ECC7618E for ; Fri, 21 Apr 2023 21:25:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232300AbjDUVZp (ORCPT ); Fri, 21 Apr 2023 17:25:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232081AbjDUVZo (ORCPT ); Fri, 21 Apr 2023 17:25:44 -0400 Received: from mail-oa1-x36.google.com (mail-oa1-x36.google.com [IPv6:2001:4860:4864:20::36]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1AF6E268C for ; Fri, 21 Apr 2023 14:25:43 -0700 (PDT) Received: by mail-oa1-x36.google.com with SMTP id 586e51a60fabf-187b07ad783so1930690fac.0 for ; Fri, 21 Apr 2023 14:25:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mojatatu-com.20221208.gappssmtp.com; s=20221208; t=1682112342; x=1684704342; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wD0C59tjjQYSLcmnLy7kgMbbGEO1G+xvyANyqxWFHHQ=; b=tm5XzlacpLJIj+t6zOGcTXUigZkc/DaIwN+F2nOKMPEEF+3rnhuhGStSZFp0HqVwFr 0iXenzolGrgEZzsRyCdXDKR9qwjwmCMM0WGzFZpskfWKSZAdHHACMVFBi2SnAj9y4Grl v/D4rDNDe9FfWQ7adc2FL7QggKd8mrBSuTgCA9Y6DQszFYWxC3aySSlyWfjZg5cbS8OD smeDb5q82jX9TnTX7xqrwo/tCC34ImmjGnXq9cl5Clfr5mr23JkEowTyR3HYzqgcsQ/5 2uiubFub9VT8SyhrQ0Ecz1BFgAw/lGUpl8GAGeFuwuDFELjUAB+n9G8CkrL5VsyLAL+J mC0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682112342; x=1684704342; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wD0C59tjjQYSLcmnLy7kgMbbGEO1G+xvyANyqxWFHHQ=; b=HqjCraj0zWhmj4bMJyUfjYJ7UDzIs1kBkIIzi/XsRoX/T3u/vgXeTBSiT949bOdlPC 1mo3YeFL7EeQ/AEV2SsNF2fwzN15mkKHs0je3N0tFnFVTHBacj4aduyVj8wK/BAPz1JX iDjHcX/xOi4Sf5uB0YbM+IUqynoUY3bZ3nOILus+0gsdqa5bm3TUeHEJ6Tj8Oaw8czHU n93gv7n2bP+etuN+8B4U8VJjdgXp9ddJDPH0InnIafaJgVr/qbAEp0MYqcLMnrF9I2Bt 95XqhuxKCWI/0E5O1RmtY/mFakU8WWLzqiJQC8mi3dm07tZDcDVq8AfBTF9vQqFTqBH7 Vuzw== X-Gm-Message-State: AAQBX9fiHh5gMwHSudglzAjoC0+eRSnbxptAowiWTReGULy+oyvQafeX BbR5RGmGWWDTr/+RJo1bygz5ZUdxVXUlsNSB/xo= X-Google-Smtp-Source: AKy350bdici1UCF5XZSJ2su+e1vktmxyywMncmlDcI+LyAlFb9PXLJ2xUGWNSf3EswWCFwNdT3cWCg== X-Received: by 2002:a05:6870:2424:b0:187:83c8:5f0b with SMTP id n36-20020a056870242400b0018783c85f0bmr3563160oap.58.1682112342236; Fri, 21 Apr 2023 14:25:42 -0700 (PDT) Received: from localhost.localdomain ([2804:14d:5c5e:44fb:7380:c348:a30c:7e82]) by smtp.gmail.com with ESMTPSA id j11-20020a4a888b000000b00524fe20aee5sm2147663ooa.34.2023.04.21.14.25.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Apr 2023 14:25:42 -0700 (PDT) From: Pedro Tammela To: netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, simon.horman@corigine.com, Pedro Tammela Subject: [PATCH net-next v5 1/5] net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys Date: Fri, 21 Apr 2023 18:25:13 -0300 Message-Id: <20230421212516.406726-2-pctammela@mojatatu.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230421212516.406726-1-pctammela@mojatatu.com> References: <20230421212516.406726-1-pctammela@mojatatu.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Transform two checks in the 'ex' key parsing into netlink policies removing extra if checks. Signed-off-by: Pedro Tammela Reviewed-by: Simon Horman --- net/sched/act_pedit.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index 4559a1507ea5..45201f75e896 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -30,8 +30,9 @@ static const struct nla_policy pedit_policy[TCA_PEDIT_MAX + 1] = { }; static const struct nla_policy pedit_key_ex_policy[TCA_PEDIT_KEY_EX_MAX + 1] = { - [TCA_PEDIT_KEY_EX_HTYPE] = { .type = NLA_U16 }, - [TCA_PEDIT_KEY_EX_CMD] = { .type = NLA_U16 }, + [TCA_PEDIT_KEY_EX_HTYPE] = + NLA_POLICY_MAX(NLA_U16, TCA_PEDIT_HDR_TYPE_MAX), + [TCA_PEDIT_KEY_EX_CMD] = NLA_POLICY_MAX(NLA_U16, TCA_PEDIT_CMD_MAX), }; static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, @@ -81,12 +82,6 @@ static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, k->htype = nla_get_u16(tb[TCA_PEDIT_KEY_EX_HTYPE]); k->cmd = nla_get_u16(tb[TCA_PEDIT_KEY_EX_CMD]); - if (k->htype > TCA_PEDIT_HDR_TYPE_MAX || - k->cmd > TCA_PEDIT_CMD_MAX) { - err = -EINVAL; - goto err_out; - } - k++; } From patchwork Fri Apr 21 21:25:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Tammela X-Patchwork-Id: 13220686 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DCC8DC77B76 for ; Fri, 21 Apr 2023 21:25:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233213AbjDUVZu (ORCPT ); Fri, 21 Apr 2023 17:25:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58694 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232885AbjDUVZr (ORCPT ); Fri, 21 Apr 2023 17:25:47 -0400 Received: from mail-oi1-x235.google.com (mail-oi1-x235.google.com [IPv6:2607:f8b0:4864:20::235]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 05DDF270D for ; Fri, 21 Apr 2023 14:25:46 -0700 (PDT) Received: by mail-oi1-x235.google.com with SMTP id 5614622812f47-38bcc5914ecso902738b6e.0 for ; Fri, 21 Apr 2023 14:25:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mojatatu-com.20221208.gappssmtp.com; s=20221208; t=1682112345; x=1684704345; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=D5/e9XMudMN/In9k0qq3cI/EgMi4otvzooQkp2HZCZk=; b=MConKEzyznXq9fCGod3HBEKVKytaglPHjU85VmDSguQeD9KXRWoRxWp0QwqTBCs9Z3 InM3m7w8csyOd+J3b2EOvUf1fKcY+cV5eo9nfeHRNMuiIe9VgpIoBRGwpplFCm+6yKvr 2cGVedoIvyREeadxRi9+MrH6WS0DUyjk98/NNGGl5JSEVVL6rT1CirCW4MBcut+zny0g rQMEeMVVtwnvXAGRX2d43SoqcCTL0jIdRQI0s4rJirylY48A/Q6DXwkvzPkYIHqdFiB+ eJv0g0J2gTjfbsb8vpKHPpinZ/MM9NckD280sq7hWY/ws7JqztAHIqxP1V2Af2CsRxk4 PP5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682112345; x=1684704345; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D5/e9XMudMN/In9k0qq3cI/EgMi4otvzooQkp2HZCZk=; b=VpacRllqPMeDqm53p7YAuaZz0in2MtyQIR03N7zp3WHLdXtLbvwltpozQg8GQmSXDg 0t8gDnwZqRsC66xdqUFgZZ2U3aRAD4e4m7AYdtli+cMVAgUjAhzwcgNOp1eef4Xh1VJx iYq4b+EY6pDMPdU5ysZcLmtK6CmPfVJBIYfLLL8JJDkz43IXUdf6FuhadECM80ZbOnb7 mUxBuelUylhrBszdax/PI9c0pFSuEwPSUlpVUglgjwEh9ke3e7WVaKBSEsIneHeqTeW6 pomOF16VkVUF02wj3vgcjIa9Idvcpv13tHU0mAZKoJ7ynnjYWCMHP4F4EK0meHWDJ2rx +MEw== X-Gm-Message-State: AAQBX9fjM6qR3c4nLon/htRgyD8kZThlW2Tsm9FVbeYWk9CiwXl7xdyd cQ7zXmdGZw0O8bWFYvTY4oLb900tY3exaohX+RM= X-Google-Smtp-Source: AKy350b8TKI5JpaNIzHdoAPmk+RlGEFxbxztIRTzlM/zIRNN8vwpmpYW2bkVd5jrw0oDGJS6aASnaw== X-Received: by 2002:aca:a982:0:b0:38e:56b9:aa69 with SMTP id s124-20020acaa982000000b0038e56b9aa69mr3028808oie.7.1682112345188; Fri, 21 Apr 2023 14:25:45 -0700 (PDT) Received: from localhost.localdomain ([2804:14d:5c5e:44fb:7380:c348:a30c:7e82]) by smtp.gmail.com with ESMTPSA id j11-20020a4a888b000000b00524fe20aee5sm2147663ooa.34.2023.04.21.14.25.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Apr 2023 14:25:44 -0700 (PDT) From: Pedro Tammela To: netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, simon.horman@corigine.com, Pedro Tammela Subject: [PATCH net-next v5 2/5] net/sched: act_pedit: use extack in 'ex' parsing errors Date: Fri, 21 Apr 2023 18:25:14 -0300 Message-Id: <20230421212516.406726-3-pctammela@mojatatu.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230421212516.406726-1-pctammela@mojatatu.com> References: <20230421212516.406726-1-pctammela@mojatatu.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org We have extack available when parsing 'ex' keys, so pass it to tcf_pedit_keys_ex_parse and add more detailed error messages. Reviewed-by: Simon Horman Signed-off-by: Pedro Tammela --- net/sched/act_pedit.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index 45201f75e896..24976cd4e4a2 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -36,7 +36,7 @@ static const struct nla_policy pedit_key_ex_policy[TCA_PEDIT_KEY_EX_MAX + 1] = { }; static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, - u8 n) + u8 n, struct netlink_ext_ack *extack) { struct tcf_pedit_key_ex *keys_ex; struct tcf_pedit_key_ex *k; @@ -57,12 +57,14 @@ static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, struct nlattr *tb[TCA_PEDIT_KEY_EX_MAX + 1]; if (!n) { + NL_SET_ERR_MSG_MOD(extack, "Can't parse more extended keys than requested"); err = -EINVAL; goto err_out; } n--; if (nla_type(ka) != TCA_PEDIT_KEY_EX) { + NL_SET_ERR_MSG_ATTR(extack, ka, "Unknown attribute, expected extended key"); err = -EINVAL; goto err_out; } @@ -73,8 +75,14 @@ static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, if (err) goto err_out; - if (!tb[TCA_PEDIT_KEY_EX_HTYPE] || - !tb[TCA_PEDIT_KEY_EX_CMD]) { + if (NL_REQ_ATTR_CHECK(extack, nla, tb, TCA_PEDIT_KEY_EX_HTYPE)) { + NL_SET_ERR_MSG(extack, "Missing required attribute"); + err = -EINVAL; + goto err_out; + } + + if (NL_REQ_ATTR_CHECK(extack, nla, tb, TCA_PEDIT_KEY_EX_CMD)) { + NL_SET_ERR_MSG(extack, "Missing required attribute"); err = -EINVAL; goto err_out; } @@ -86,6 +94,7 @@ static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla, } if (n) { + NL_SET_ERR_MSG_MOD(extack, "Not enough extended keys to parse"); err = -EINVAL; goto err_out; } @@ -217,7 +226,7 @@ static int tcf_pedit_init(struct net *net, struct nlattr *nla, } nparms->tcfp_keys_ex = - tcf_pedit_keys_ex_parse(tb[TCA_PEDIT_KEYS_EX], parm->nkeys); + tcf_pedit_keys_ex_parse(tb[TCA_PEDIT_KEYS_EX], parm->nkeys, extack); if (IS_ERR(nparms->tcfp_keys_ex)) { ret = PTR_ERR(nparms->tcfp_keys_ex); goto out_free; From patchwork Fri Apr 21 21:25:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Tammela X-Patchwork-Id: 13220687 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ECA1DC77B7E for ; Fri, 21 Apr 2023 21:25:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231645AbjDUVZw (ORCPT ); Fri, 21 Apr 2023 17:25:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58776 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233156AbjDUVZu (ORCPT ); Fri, 21 Apr 2023 17:25:50 -0400 Received: from mail-oo1-xc2a.google.com (mail-oo1-xc2a.google.com [IPv6:2607:f8b0:4864:20::c2a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A0A9268C for ; Fri, 21 Apr 2023 14:25:49 -0700 (PDT) Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-546ee6030e5so1283343eaf.3 for ; Fri, 21 Apr 2023 14:25:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mojatatu-com.20221208.gappssmtp.com; s=20221208; t=1682112348; x=1684704348; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=GKSKugCB6BQUzFHp+91QqPMtVs0x3EKY9rqmE0Nbn+Y=; b=rePEyzzisI5fuvTa221k10/hysmtbMxvEAhwS2IFeMZUZrQzFTCi5RZXgq6us6vhZr aOb+m3maKSE6iU+yYwqOTBdhcenyirqYNKQnktDNi+hC3o2sKXsnJfUl9SBoopTLvz+t 2daCLzazsnKSwrhSNT4YFlHFHPvaxIodAzLT88mGdVCMLDL6twHJKMxUSHEkumJvdeRP IF0jkS1I4EI3UUYrNL2oDECu2Z2PlN1NZK3flzNppiz1rNQFtcaKGyGdRei+wkMTy2UQ 6wE6UylS8ttPX+picUcq6l0yxrvH4v9MZe2sgpE7fojglIReGrzaJqw16rMWkIQBF3Vw URnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682112348; x=1684704348; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GKSKugCB6BQUzFHp+91QqPMtVs0x3EKY9rqmE0Nbn+Y=; b=gs5n3g4+DZ6W0dIf59Ar/gMjsrFa7VwnDiJLnJifplQp29uLZ9xfHHjOvCCVTE0q99 Nz76eFox2DBqWK15F6GOkC+YcMuilcsF3lSZtUKJxnByDYN3cA2BhwQlP5vmgZQK8arE UW9p2r7/QuWLWzCn6K4KAimBpSlSK2EPB2RXL1gGFjjJbX5cRTWiK+m40FCGHaCzCpth D6NgIB5uSuWynOnxqdsFuXS0feOmN/qJhn/LlExwYayjy9OhxzGKjxSJfPFCCMQ8Gybx NDRZ2HMT6YBJ3tm37UN3+aWRm74E1PN4pS4SHldGHD47FmTqKb+yaJ4CLRABDI8pHZP+ Arrg== X-Gm-Message-State: AAQBX9dQ0Kc8sKfnuiwpAvcYFoL9g1WbyAB7PQvGfb1CarFI55aQbXfV +NawOxKJhg6JqRoMcXkAI3RMdRQl2IklMJFfRBE= X-Google-Smtp-Source: AKy350ZGasDTjesWy5B/20F637d0h73MEZQgc+SP9ZBt9lNveRvICh2dA1IBBMdFqECQgyHISse2aw== X-Received: by 2002:a05:6820:188d:b0:547:6105:e090 with SMTP id bm13-20020a056820188d00b005476105e090mr1119083oob.4.1682112348302; Fri, 21 Apr 2023 14:25:48 -0700 (PDT) Received: from localhost.localdomain ([2804:14d:5c5e:44fb:7380:c348:a30c:7e82]) by smtp.gmail.com with ESMTPSA id j11-20020a4a888b000000b00524fe20aee5sm2147663ooa.34.2023.04.21.14.25.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Apr 2023 14:25:47 -0700 (PDT) From: Pedro Tammela To: netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, simon.horman@corigine.com, Pedro Tammela Subject: [PATCH net-next v5 3/5] net/sched: act_pedit: check static offsets a priori Date: Fri, 21 Apr 2023 18:25:15 -0300 Message-Id: <20230421212516.406726-4-pctammela@mojatatu.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230421212516.406726-1-pctammela@mojatatu.com> References: <20230421212516.406726-1-pctammela@mojatatu.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Static key offsets should always be on 32 bit boundaries. Validate them on create/update time for static offsets and move the datapath validation for runtime offsets only. iproute2 already errors out if a given offset and data size cannot be packed to a 32 bit boundary. This change will make sure users which create/update pedit instances directly via netlink also error out, instead of finding out when packets are traversing. Reviewed-by: Jamal Hadi Salim Reviewed-by: Simon Horman Signed-off-by: Pedro Tammela --- net/sched/act_pedit.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index 24976cd4e4a2..cc4dfb01c6c7 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -251,8 +251,16 @@ static int tcf_pedit_init(struct net *net, struct nlattr *nla, memcpy(nparms->tcfp_keys, parm->keys, ksize); for (i = 0; i < nparms->tcfp_nkeys; ++i) { + u32 offmask = nparms->tcfp_keys[i].offmask; u32 cur = nparms->tcfp_keys[i].off; + /* The AT option can be added to static offsets in the datapath */ + if (!offmask && cur % 4) { + NL_SET_ERR_MSG_MOD(extack, "Offsets must be on 32bit boundaries"); + ret = -EINVAL; + goto put_chain; + } + /* sanitize the shift value for any later use */ nparms->tcfp_keys[i].shift = min_t(size_t, BITS_PER_TYPE(int) - 1, @@ -261,7 +269,7 @@ static int tcf_pedit_init(struct net *net, struct nlattr *nla, /* The AT option can read a single byte, we can bound the actual * value with uchar max. */ - cur += (0xff & nparms->tcfp_keys[i].offmask) >> nparms->tcfp_keys[i].shift; + cur += (0xff & offmask) >> nparms->tcfp_keys[i].shift; /* Each key touches 4 bytes starting from the computed offset */ nparms->tcfp_off_max_hint = @@ -411,12 +419,12 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, sizeof(_d), &_d); if (!d) goto bad; - offset += (*d & tkey->offmask) >> tkey->shift; - } - if (offset % 4) { - pr_info("tc action pedit offset must be on 32 bit boundaries\n"); - goto bad; + offset += (*d & tkey->offmask) >> tkey->shift; + if (offset % 4) { + pr_info("tc action pedit offset must be on 32 bit boundaries\n"); + goto bad; + } } if (!offset_valid(skb, hoffset + offset)) { From patchwork Fri Apr 21 21:25:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Tammela X-Patchwork-Id: 13220688 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1E404C7618E for ; Fri, 21 Apr 2023 21:26:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233630AbjDUV0D (ORCPT ); Fri, 21 Apr 2023 17:26:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59052 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233536AbjDUVZ6 (ORCPT ); Fri, 21 Apr 2023 17:25:58 -0400 Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4E6D8272B for ; Fri, 21 Apr 2023 14:25:52 -0700 (PDT) Received: by mail-oi1-x22f.google.com with SMTP id 5614622812f47-38dfa504391so1525817b6e.3 for ; Fri, 21 Apr 2023 14:25:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mojatatu-com.20221208.gappssmtp.com; s=20221208; t=1682112351; x=1684704351; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JPJ4oLG4sFtQHlowOjfVCKB8UUyQws2m/Bu8cseeYMA=; b=231uPKal/NBl55tggGjdVIB1FZqYhhJfONGNxq74WEXbnM0dYGKcD6zXBWtRVF9vBd cemUMFyx8WSyPOCLtUsvIx69eg3EpWGLI8rAPk4UGwb2Ls7o/hgN1GACQY5WzZ0Y5M+i Hz9KsFenI02q/RSSc9WpU8gFMpbHPSKByPECo3fth+288KMIdAgrV2SAXwJo0Z0UlI54 Lp/ncw/phpxPVPtO/obz+xaTti31ax3797/oBX1/xayoAVfKU1M30S9b5wxTrtBaZsp6 hdE1lbX6yficWdY9V3db6DlWbfrZOor57MnbqQV0XboVKhp+j+15/hse/8IFBK/kRAVm kawQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682112351; x=1684704351; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JPJ4oLG4sFtQHlowOjfVCKB8UUyQws2m/Bu8cseeYMA=; b=AQLrLblHDWk29AlCfDka3VvxW3LqQpT0aAoDw3+hNa1N1AxIoM+TwSrJ06ZqijxjIo q4KiSf37NvC6JFk8OquH2BrnBTcFLGBkQOkREblaaNv1rtHDYhO7mZse/rogXIAjEN9V fGB2yhwyvO5nBJyXsr+Sipbu6vv/AJCxAicWJU0JE1l3nGBW7hF40tZ8VSePWqKIPRzB qtMNy02LVLtaT3fJhBCfvenMBW0cWkZxPV1abcfNQb64IjKdLlirih9wX2f48d0M2tQR B26AFDp+cFDFdb6nJii8PvTExgT0f+pbaP6Zec8RBym37dw0kzrjaDGtq1XYEHU9QVeP Rabg== X-Gm-Message-State: AAQBX9eEGOXpunodCa/ZmBgFV6gi495kGLwP2iLKUUIhtpNJ8pSE9C9d /ltvwQzxOSpXlUVf3q/IPLmHwrBuK32HyL6yqfg= X-Google-Smtp-Source: AKy350bRcohqnG/hq+dQBwBda8V9MlliP0iJ5JWm2fLLDEaXL3Epfww8HVCbdyhlkEU01oqCQ9hBSw== X-Received: by 2002:aca:646:0:b0:38d:e7a6:5a68 with SMTP id 67-20020aca0646000000b0038de7a65a68mr3277835oig.15.1682112351260; Fri, 21 Apr 2023 14:25:51 -0700 (PDT) Received: from localhost.localdomain ([2804:14d:5c5e:44fb:7380:c348:a30c:7e82]) by smtp.gmail.com with ESMTPSA id j11-20020a4a888b000000b00524fe20aee5sm2147663ooa.34.2023.04.21.14.25.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Apr 2023 14:25:51 -0700 (PDT) From: Pedro Tammela To: netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, simon.horman@corigine.com, Pedro Tammela Subject: [PATCH net-next v5 4/5] net/sched: act_pedit: remove extra check for key type Date: Fri, 21 Apr 2023 18:25:16 -0300 Message-Id: <20230421212516.406726-5-pctammela@mojatatu.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230421212516.406726-1-pctammela@mojatatu.com> References: <20230421212516.406726-1-pctammela@mojatatu.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org The netlink parsing already validates the key 'htype'. Remove the datapath check as it's redundant. Reviewed-by: Jamal Hadi Salim Reviewed-by: Simon Horman Signed-off-by: Pedro Tammela --- net/sched/act_pedit.c | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index cc4dfb01c6c7..2fec4473d800 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -325,37 +325,28 @@ static bool offset_valid(struct sk_buff *skb, int offset) return true; } -static int pedit_skb_hdr_offset(struct sk_buff *skb, - enum pedit_header_type htype, int *hoffset) +static void pedit_skb_hdr_offset(struct sk_buff *skb, + enum pedit_header_type htype, int *hoffset) { - int ret = -EINVAL; - + /* 'htype' is validated in the netlink parsing */ switch (htype) { case TCA_PEDIT_KEY_EX_HDR_TYPE_ETH: - if (skb_mac_header_was_set(skb)) { + if (skb_mac_header_was_set(skb)) *hoffset = skb_mac_offset(skb); - ret = 0; - } break; case TCA_PEDIT_KEY_EX_HDR_TYPE_NETWORK: case TCA_PEDIT_KEY_EX_HDR_TYPE_IP4: case TCA_PEDIT_KEY_EX_HDR_TYPE_IP6: *hoffset = skb_network_offset(skb); - ret = 0; break; case TCA_PEDIT_KEY_EX_HDR_TYPE_TCP: case TCA_PEDIT_KEY_EX_HDR_TYPE_UDP: - if (skb_transport_header_was_set(skb)) { + if (skb_transport_header_was_set(skb)) *hoffset = skb_transport_offset(skb); - ret = 0; - } break; default: - ret = -EINVAL; break; } - - return ret; } TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, @@ -388,10 +379,9 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, for (i = parms->tcfp_nkeys; i > 0; i--, tkey++) { int offset = tkey->off; + int hoffset = 0; u32 *ptr, hdata; - int hoffset; u32 val; - int rc; if (tkey_ex) { htype = tkey_ex->htype; @@ -400,12 +390,7 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, tkey_ex++; } - rc = pedit_skb_hdr_offset(skb, htype, &hoffset); - if (rc) { - pr_info("tc action pedit bad header type specified (0x%x)\n", - htype); - goto bad; - } + pedit_skb_hdr_offset(skb, htype, &hoffset); if (tkey->offmask) { u8 *d, _d; From patchwork Fri Apr 21 21:25:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Tammela X-Patchwork-Id: 13220689 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32200C7618E for ; Fri, 21 Apr 2023 21:26:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233668AbjDUV0H (ORCPT ); Fri, 21 Apr 2023 17:26:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59160 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232640AbjDUV0B (ORCPT ); Fri, 21 Apr 2023 17:26:01 -0400 Received: from mail-oi1-x235.google.com (mail-oi1-x235.google.com [IPv6:2607:f8b0:4864:20::235]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 34E372D78 for ; Fri, 21 Apr 2023 14:25:55 -0700 (PDT) Received: by mail-oi1-x235.google.com with SMTP id 5614622812f47-38e3228d120so1607797b6e.3 for ; Fri, 21 Apr 2023 14:25:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mojatatu-com.20221208.gappssmtp.com; s=20221208; t=1682112354; x=1684704354; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=f72Xfsio3gARNcMunkdIGAkmBIJdgUtaGuBTP8E+oSw=; b=On6fC2I+j94PNaLbRU0QfNvPVg2YjU8LLJP8g9H160CyAO2d0BSobvVq9RIpnySnCM Oyi58zWjIHy3ZMyBcsn6xAnfLc5TZa0V3Fn3u5At/ALRHkhxp/3uCqNL/Aa60NQRIqJc vvEHGIjiRvFmkh4JimxVx05SiUGUANhF8mykI3Z15Arcq3oX3KhiUBxvdoO5Bo5TuH/H zMN8/fjW3tV7gMrxWTbSWLAaylkEe05kXjaKwVW4BNBnt1Bl1nrzSgoUUod9mu50VF5d /yqSQlnt0MRG7URkWRUsAJlf3xvVMHUzi539PbVDbaFBaIzozL5JYVFYGRjVAMGO8X5A 7+Sg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682112354; x=1684704354; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=f72Xfsio3gARNcMunkdIGAkmBIJdgUtaGuBTP8E+oSw=; b=IiK64d6airTaDMoxmJQeLamercTY32j2Dpq6NcwE9AbB4Ts5dJMulMkYUkqtPqlowq d7ifQ+4X3AhP1YbiUsFJlU2nBotU7ACqRV39oeWrDZMMW5ZoeTf5SZjC022tdA67db2w nisRws0tr/Sizp+KBJwkE6VR3zBjoJ+k5/DiQmBW6Jgf0Vn8ZTfWI16AXoeu6JeyWVEx 4EXMAaqPsUcHzB5U+hE0xsOWrqAmrzm9hH6FYqI2cwDVPsi1I62RFcKu8Dkb9O/Wfaog fFcJS3G0S2ETbY24xYAC8oCeCpGhWTihPjOJdMuCw6txYOUK8s7MNUF+Q4al3M2Cg+Vh xQMA== X-Gm-Message-State: AAQBX9ctpBJ595Ac/oQBRwsuebIe0foeXeHCXwr+gDSiDyYA9Z44xJ3m cx+AJbGHai4BSHaflnsnHMpJ1i4PUv1SKDnJTGg= X-Google-Smtp-Source: AKy350ZI2Ok+bDidDQOrbEqfzAtu6OplHvLKcuvsvAOdjriGgmR7zIXjEHwKcCWX3pQaTn37C0WM3g== X-Received: by 2002:a05:6808:1913:b0:38d:ef97:a2db with SMTP id bf19-20020a056808191300b0038def97a2dbmr3936746oib.5.1682112354328; Fri, 21 Apr 2023 14:25:54 -0700 (PDT) Received: from localhost.localdomain ([2804:14d:5c5e:44fb:7380:c348:a30c:7e82]) by smtp.gmail.com with ESMTPSA id j11-20020a4a888b000000b00524fe20aee5sm2147663ooa.34.2023.04.21.14.25.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Apr 2023 14:25:54 -0700 (PDT) From: Pedro Tammela To: netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, simon.horman@corigine.com, Pedro Tammela Subject: [PATCH net-next v5 5/5] net/sched: act_pedit: rate limit datapath messages Date: Fri, 21 Apr 2023 18:25:17 -0300 Message-Id: <20230421212516.406726-6-pctammela@mojatatu.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230421212516.406726-1-pctammela@mojatatu.com> References: <20230421212516.406726-1-pctammela@mojatatu.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Unbounded info messages in the pedit datapath can flood the printk ring buffer quite easily depending on the action created. As these messages are informational, usually printing some, not all, is enough to bring attention to the real issue. Reviewed-by: Jamal Hadi Salim Reviewed-by: Simon Horman Signed-off-by: Pedro Tammela --- net/sched/act_pedit.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c index 2fec4473d800..fb93d4c1faca 100644 --- a/net/sched/act_pedit.c +++ b/net/sched/act_pedit.c @@ -396,8 +396,8 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, u8 *d, _d; if (!offset_valid(skb, hoffset + tkey->at)) { - pr_info("tc action pedit 'at' offset %d out of bounds\n", - hoffset + tkey->at); + pr_info_ratelimited("tc action pedit 'at' offset %d out of bounds\n", + hoffset + tkey->at); goto bad; } d = skb_header_pointer(skb, hoffset + tkey->at, @@ -407,14 +407,13 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, offset += (*d & tkey->offmask) >> tkey->shift; if (offset % 4) { - pr_info("tc action pedit offset must be on 32 bit boundaries\n"); + pr_info_ratelimited("tc action pedit offset must be on 32 bit boundaries\n"); goto bad; } } if (!offset_valid(skb, hoffset + offset)) { - pr_info("tc action pedit offset %d out of bounds\n", - hoffset + offset); + pr_info_ratelimited("tc action pedit offset %d out of bounds\n", hoffset + offset); goto bad; } @@ -431,8 +430,7 @@ TC_INDIRECT_SCOPE int tcf_pedit_act(struct sk_buff *skb, val = (*ptr + tkey->val) & ~tkey->mask; break; default: - pr_info("tc action pedit bad command (%d)\n", - cmd); + pr_info_ratelimited("tc action pedit bad command (%d)\n", cmd); goto bad; }