shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 18:41:58 +09:00
Code Issues Packages Projects Releases Wiki Activity

flow_dissector: use RCU protection to fetch dev_net()

Browse Source 
[ Upstream commit afec62cd0a4191cde6dd3a75382be4d51a38ce9b ]

__skb_flow_dissect() can be called from arbitrary contexts.

It must extend its RCU protection section to include
the call to dev_net(), which can become dev_net_rcu().

This makes sure the net structure can not disappear under us.

Fixes: 9b52e3f267 ("flow_dissector: handle no-skb use case")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://patch.msgid.link/20250205155120.1676781-10-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Eric Dumazet
2025-02-05 15:51:17 +00:00
committed by Greg Kroah-Hartman
parent 85a1d9b0b4
commit d13d8a3486
1 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
net/core/flow_dissector.c
View File

@@ -1004,10 +1004,12 @@ bool __skb_flow_dissect(const struct net *net,
FLOW_DISSECTOR_KEY_BASIC, FLOW_DISSECTOR_KEY_BASIC,
target_container); target_container);
rcu_read_lock();
if (skb) { if (skb) {
if (!net) { if (!net) {
if (skb->dev) if (skb->dev)
net = dev_net(skb->dev); net = dev_net_rcu(skb->dev);
else if (skb->sk) else if (skb->sk)
net = sock_net(skb->sk); net = sock_net(skb->sk);
} }
@@ -1018,7 +1020,6 @@ bool __skb_flow_dissect(const struct net *net,
enum netns_bpf_attach_type type = NETNS_BPF_FLOW_DISSECTOR; enum netns_bpf_attach_type type = NETNS_BPF_FLOW_DISSECTOR;
struct bpf_prog_array *run_array; struct bpf_prog_array *run_array;
rcu_read_lock();
run_array = rcu_dereference(init_net.bpf.run_array[type]); run_array = rcu_dereference(init_net.bpf.run_array[type]);
if (!run_array) if (!run_array)
run_array = rcu_dereference(net->bpf.run_array[type]); run_array = rcu_dereference(net->bpf.run_array[type]);
@@ -1046,17 +1047,17 @@ bool __skb_flow_dissect(const struct net *net,
prog = READ_ONCE(run_array->items[0].prog); prog = READ_ONCE(run_array->items[0].prog);
result = bpf_flow_dissect(prog, &ctx, n_proto, nhoff, result = bpf_flow_dissect(prog, &ctx, n_proto, nhoff,
hlen, flags); hlen, flags);
if (result == BPF_FLOW_DISSECTOR_CONTINUE) if (result != BPF_FLOW_DISSECTOR_CONTINUE) {
goto dissect_continue; __skb_flow_bpf_to_target(&flow_keys, flow_dissector,
__skb_flow_bpf_to_target(&flow_keys, flow_dissector, target_container);
target_container); rcu_read_unlock();
rcu_read_unlock(); return result == BPF_OK;
return result == BPF_OK; }
} }
dissect_continue:
rcu_read_unlock();
} }
rcu_read_unlock();
if (dissector_uses_key(flow_dissector, if (dissector_uses_key(flow_dissector,
FLOW_DISSECTOR_KEY_ETH_ADDRS)) { FLOW_DISSECTOR_KEY_ETH_ADDRS)) {
struct ethhdr *eth = eth_hdr(skb); struct ethhdr *eth = eth_hdr(skb);