All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jakub Sitnicki <jakub@cloudflare.com>
To: Martin KaFai Lau <kafai@fb.com>
Cc: Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>, <kernel-team@fb.com>,
	<netdev@vger.kernel.org>, <bpf@vger.kernel.org>
Subject: Re: [PATCH v2 bpf 1/2] bpf: net: Avoid copying sk_user_data of reuseport_array during sk_clone
Date: Thu, 9 Jul 2020 18:46:03 +0200	[thread overview]
Message-ID: <20200709184603.5afe6db2@toad> (raw)
In-Reply-To: <20200709061104.4018798-1-kafai@fb.com>

On Thu, 09 Jul 2020 06:11:04 +0000
Martin KaFai Lau <kafai@fb.com> wrote:

> It makes little sense for copying sk_user_data of reuseport_array during
> sk_clone_lock().  This patch reuses the SK_USER_DATA_NOCOPY bit introduced in
> commit f1ff5ce2cd5e ("net, sk_msg: Clear sk_user_data pointer on clone if tagged").
> It is used to mark the sk_user_data is not supposed to be copied to its clone.
> 
> Although the cloned sk's sk_user_data will not be used/freed in
> bpf_sk_reuseport_detach(), this change can still allow the cloned
> sk's sk_user_data to be used by some other means.
> 
> Freeing the reuseport_array's sk_user_data does not require a rcu grace
> period.  Thus, the existing rcu_assign_sk_user_data_nocopy() is not
> used.
> 
> Fixes: 5dc4c4b7d4e8 ("bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY")
> Signed-off-by: Martin KaFai Lau <kafai@fb.com>
> ---
>  kernel/bpf/reuseport_array.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
> 
> diff --git a/kernel/bpf/reuseport_array.c b/kernel/bpf/reuseport_array.c
> index 21cde24386db..a95bc8d7e812 100644
> --- a/kernel/bpf/reuseport_array.c
> +++ b/kernel/bpf/reuseport_array.c
> @@ -20,11 +20,14 @@ static struct reuseport_array *reuseport_array(struct bpf_map *map)
>  /* The caller must hold the reuseport_lock */
>  void bpf_sk_reuseport_detach(struct sock *sk)
>  {
> -	struct sock __rcu **socks;
> +	uintptr_t sk_user_data;
>  
>  	write_lock_bh(&sk->sk_callback_lock);
> -	socks = sk->sk_user_data;
> -	if (socks) {
> +	sk_user_data = (uintptr_t)sk->sk_user_data;
> +	if (sk_user_data) {
> +		struct sock __rcu **socks;
> +
> +		socks = (void *)(sk_user_data & SK_USER_DATA_PTRMASK);
>  		WRITE_ONCE(sk->sk_user_data, NULL);
>  		/*
>  		 * Do not move this NULL assignment outside of
> @@ -252,6 +255,7 @@ int bpf_fd_reuseport_array_update_elem(struct bpf_map *map, void *key,
>  	struct sock *free_osk = NULL, *osk, *nsk;
>  	struct sock_reuseport *reuse;
>  	u32 index = *(u32 *)key;
> +	uintptr_t sk_user_data;
>  	struct socket *socket;
>  	int err, fd;
>  
> @@ -305,7 +309,8 @@ int bpf_fd_reuseport_array_update_elem(struct bpf_map *map, void *key,
>  	if (err)
>  		goto put_file_unlock;
>  
> -	WRITE_ONCE(nsk->sk_user_data, &array->ptrs[index]);
> +	sk_user_data = (uintptr_t)&array->ptrs[index] | SK_USER_DATA_NOCOPY;
> +	WRITE_ONCE(nsk->sk_user_data, (void *)sk_user_data);
>  	rcu_assign_pointer(array->ptrs[index], nsk);
>  	free_osk = osk;
>  	err = 0;

Thanks for fixing this before I got around to it.
Now we can use reuseport with sockmap splicing :-)

Reviewed-by: Jakub Sitnicki <jakub@cloudflare.com>

  reply	other threads:[~2020-07-09 16:46 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-09  6:10 [PATCH v2 bpf 0/2] bpf: net: Fixes in sk_user_data of reuseport_array Martin KaFai Lau
2020-07-09  6:11 ` [PATCH v2 bpf 1/2] bpf: net: Avoid copying sk_user_data of reuseport_array during sk_clone Martin KaFai Lau
2020-07-09 16:46   ` Jakub Sitnicki [this message]
2020-07-09 20:07   ` Daniel Borkmann
2020-07-09 21:27     ` Martin KaFai Lau
2020-07-09  6:11 ` [PATCH v2 bpf 2/2] bpf: net: Avoid incorrect bpf_sk_reuseport_detach call Martin KaFai Lau
2020-07-09 10:58   ` James Chapman
2020-07-09 18:47     ` Martin KaFai Lau
2020-07-09 20:07 ` [PATCH v2 bpf 0/2] bpf: net: Fixes in sk_user_data of reuseport_array Daniel Borkmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200709184603.5afe6db2@toad \
    --to=jakub@cloudflare.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=kafai@fb.com \
    --cc=kernel-team@fb.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.