Skip to content

Commit 193025e

Browse files
davem330davem330
committed
Merge branch 'vxlan-fdb-nexthop-misc-fixes'
Roopa Prabhu says: ==================== vxlan fdb nexthop misc fixes Roopa Prabhu (2): vxlan: add check to prevent use of remote ip attributes with NDA_NH_ID vxlan: few locking fixes in nexthop event handler ==================== Signed-off-by: David S. Miller <[email protected]>
2 parents d9f0d66 + 79472fe commit 193025e

File tree

1 file changed

+29
-7
lines changed

1 file changed

+29
-7
lines changed

drivers/net/vxlan.c

Lines changed: 29 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ struct vxlan_fdb {
8181
u16 flags; /* see ndm_flags and below */
8282
struct list_head nh_list;
8383
struct nexthop __rcu *nh;
84-
struct vxlan_dev *vdev;
84+
struct vxlan_dev __rcu *vdev;
8585
};
8686

8787
#define NTF_VXLAN_ADDED_BY_USER 0x100
@@ -837,7 +837,7 @@ static struct vxlan_fdb *vxlan_fdb_alloc(struct vxlan_dev *vxlan, const u8 *mac,
837837
f->updated = f->used = jiffies;
838838
f->vni = src_vni;
839839
f->nh = NULL;
840-
f->vdev = vxlan;
840+
RCU_INIT_POINTER(f->vdev, vxlan);
841841
INIT_LIST_HEAD(&f->nh_list);
842842
INIT_LIST_HEAD(&f->remotes);
843843
memcpy(f->eth_addr, mac, ETH_ALEN);
@@ -963,7 +963,7 @@ static void __vxlan_fdb_free(struct vxlan_fdb *f)
963963
nh = rcu_dereference_raw(f->nh);
964964
if (nh) {
965965
rcu_assign_pointer(f->nh, NULL);
966-
list_del_rcu(&f->nh_list);
966+
rcu_assign_pointer(f->vdev, NULL);
967967
nexthop_put(nh);
968968
}
969969

@@ -1000,7 +1000,7 @@ static void vxlan_fdb_destroy(struct vxlan_dev *vxlan, struct vxlan_fdb *f,
10001000
}
10011001

10021002
hlist_del_rcu(&f->hlist);
1003-
f->vdev = NULL;
1003+
list_del_rcu(&f->nh_list);
10041004
call_rcu(&f->rcu, vxlan_fdb_free);
10051005
}
10061006

@@ -1196,6 +1196,10 @@ static int vxlan_fdb_parse(struct nlattr *tb[], struct vxlan_dev *vxlan,
11961196
struct net *net = dev_net(vxlan->dev);
11971197
int err;
11981198

1199+
if (tb[NDA_NH_ID] && (tb[NDA_DST] || tb[NDA_VNI] || tb[NDA_IFINDEX] ||
1200+
tb[NDA_PORT]))
1201+
return -EINVAL;
1202+
11991203
if (tb[NDA_DST]) {
12001204
err = vxlan_nla_get_addr(ip, tb[NDA_DST]);
12011205
if (err)
@@ -4611,17 +4615,35 @@ static struct notifier_block vxlan_switchdev_notifier_block __read_mostly = {
46114615
.notifier_call = vxlan_switchdev_event,
46124616
};
46134617

4618+
static void vxlan_fdb_nh_flush(struct nexthop *nh)
4619+
{
4620+
struct vxlan_fdb *fdb;
4621+
struct vxlan_dev *vxlan;
4622+
u32 hash_index;
4623+
4624+
rcu_read_lock();
4625+
list_for_each_entry_rcu(fdb, &nh->fdb_list, nh_list) {
4626+
vxlan = rcu_dereference(fdb->vdev);
4627+
WARN_ON(!vxlan);
4628+
hash_index = fdb_head_index(vxlan, fdb->eth_addr,
4629+
vxlan->default_dst.remote_vni);
4630+
spin_lock_bh(&vxlan->hash_lock[hash_index]);
4631+
if (!hlist_unhashed(&fdb->hlist))
4632+
vxlan_fdb_destroy(vxlan, fdb, false, false);
4633+
spin_unlock_bh(&vxlan->hash_lock[hash_index]);
4634+
}
4635+
rcu_read_unlock();
4636+
}
4637+
46144638
static int vxlan_nexthop_event(struct notifier_block *nb,
46154639
unsigned long event, void *ptr)
46164640
{
46174641
struct nexthop *nh = ptr;
4618-
struct vxlan_fdb *fdb, *tmp;
46194642

46204643
if (!nh || event != NEXTHOP_EVENT_DEL)
46214644
return NOTIFY_DONE;
46224645

4623-
list_for_each_entry_safe(fdb, tmp, &nh->fdb_list, nh_list)
4624-
vxlan_fdb_destroy(fdb->vdev, fdb, false, false);
4646+
vxlan_fdb_nh_flush(nh);
46254647

46264648
return NOTIFY_DONE;
46274649
}

0 commit comments

Comments
 (0)