Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Daniel Borkmann <daniel@iogearbox•net>
To: Simon Horman <simon.horman@netronome•com>,
	Jamal Hadi Salim <jhs@mojatatu•com>
Cc: davem@davemloft•net, netdev@vger•kernel.org, jiri@mellanox•com,
	paulb@mellanox•com, john.fastabend@gmail•com, mrv@mojatatu•com,
	hadarh@mellanox•com, ogerlitz@mellanox•com, roid@mellanox•com,
	xiyou.wangcong@gmail•com
Subject: Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies
Date: Mon, 23 Jan 2017 17:18:47 +0100	[thread overview]
Message-ID: <58862CE7.2080906@iogearbox.net> (raw)
In-Reply-To: <20170123125838.GD31958@penelope.horms.nl>

On 01/23/2017 01:58 PM, Simon Horman wrote:
> Hi Jamal,
>
> On Sun, Jan 22, 2017 at 03:25:50PM -0500, Jamal Hadi Salim wrote:
>
> ...
>
>> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
>> index cd08df9..58cf1c5 100644
>> --- a/net/sched/act_api.c
>> +++ b/net/sched/act_api.c
>> @@ -24,6 +24,7 @@
>>   #include <net/net_namespace.h>
>>   #include <net/sock.h>
>>   #include <net/sch_generic.h>
>> +#include <net/pkt_cls.h>
>>   #include <net/act_api.h>
>>   #include <net/netlink.h>
>>
>> @@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
>>
>>   	free_percpu(p->cpu_bstats);
>>   	free_percpu(p->cpu_qstats);
>> +	kfree(p->act_cookie->data);
>
> Does the above need to be protected by a check for p->act_cookie being non-NULL?

Yep, that would be a NULL-deref. Why not just embedd tc_cookie as
suggested earlier, the struct is rather small anyway ...

>> +	kfree(p->act_cookie);
>>   	kfree(p);
>>   }
>>
>
> ...
>
>> @@ -575,6 +584,33 @@ struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla,
>>   	if (err < 0)
>>   		goto err_mod;
>>
>> +	if (tb[TCA_ACT_COOKIE]) {
>> +		int cklen = nla_len(tb[TCA_ACT_COOKIE]);
>> +
>> +		if (cklen > TC_COOKIE_MAX_SIZE) {
>> +			err = -EINVAL;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie = kzalloc(sizeof(*a->act_cookie), GFP_KERNEL);
>> +		if (!a->act_cookie) {
>> +			err = -ENOMEM;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie->data = nla_memdup(tb[TCA_ACT_COOKIE],
>> +						 GFP_KERNEL);
>> +		if (!a->act_cookie->data) {
>> +			err = -ENOMEM;
>> +			kfree(a->act_cookie);
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +		a->act_cookie->len = cklen;
>
> FWIW, the above looks correct but it also looks like the error handling
> could be done less verbosely if the logic was moved to a separate function.
>
>> +	}
>> +
>>   	/* module count goes up only when brand new policy is created
>>   	 * if it exists and is only bound to in a_o->init() then
>>   	 * ACT_P_CREATED is not returned (a zero is).
>> --
>> 1.9.1
>>

next prev parent reply	other threads:[~2017-01-23 16:18 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-22 20:25 [PATCH net-next v6 1/1] net sched actions: Add support for user cookies Jamal Hadi Salim
2017-01-23  7:48 ` Jiri Pirko
2017-01-23 12:58 ` Simon Horman
2017-01-23 16:18   ` Daniel Borkmann [this message]
2017-01-24 11:46     ` Jamal Hadi Salim
2017-01-24 11:09   ` Jamal Hadi Salim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=58862CE7.2080906@iogearbox.net \
    --to=daniel@iogearbox$(echo .)net \
    --cc=davem@davemloft$(echo .)net \
    --cc=hadarh@mellanox$(echo .)com \
    --cc=jhs@mojatatu$(echo .)com \
    --cc=jiri@mellanox$(echo .)com \
    --cc=john.fastabend@gmail$(echo .)com \
    --cc=mrv@mojatatu$(echo .)com \
    --cc=netdev@vger$(echo .)kernel.org \
    --cc=ogerlitz@mellanox$(echo .)com \
    --cc=paulb@mellanox$(echo .)com \
    --cc=roid@mellanox$(echo .)com \
    --cc=simon.horman@netronome$(echo .)com \
    --cc=xiyou.wangcong@gmail$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox