From: Ido Schimmel <idosch@nvidia.com>
To: <netdev@vger.kernel.org>
Cc: <davem@davemloft.net>, <kuba@kernel.org>, <pabeni@redhat.com>,
<edumazet@google.com>, <andrew+netdev@lunn.ch>,
<horms@kernel.org>, <razor@blackwall.org>, <petrm@nvidia.com>,
<mcremers@cloudbear.nl>, "Ido Schimmel" <idosch@nvidia.com>
Subject: [PATCH net 0/3] vxlan: Fix NPDs when using nexthop objects
Date: Mon, 1 Sep 2025 09:50:32 +0300 [thread overview]
Message-ID: <20250901065035.159644-1-idosch@nvidia.com> (raw)
With FDB nexthop groups, VXLAN FDB entries do not necessarily point to a
remote destination but rather to an FDB nexthop group. This means that
first_remote_{rcu,rtnl}() can return NULL and a few places in the driver
were not ready for that, resulting in NULL pointer dereferences.
Patches #1-#2 fix these NPDs.
Note that vxlan_fdb_find_uc() still dereferences the remote returned by
first_remote_rcu() without checking that it is not NULL, but this
function is only invoked by a single driver which vetoes the creation of
FDB nexthop groups. I will patch this in net-next to make the code less
fragile.
Patch #3 adds a selftests which exercises these code paths and tests
basic Tx functionality with FDB nexthop groups. I verified that the test
crashes the kernel without the first two patches.
Ido Schimmel (3):
vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
selftests: net: Add a selftest for VXLAN with FDB nexthop groups
drivers/net/vxlan/vxlan_core.c | 18 +-
drivers/net/vxlan/vxlan_private.h | 4 +-
tools/testing/selftests/net/Makefile | 1 +
tools/testing/selftests/net/test_vxlan_nh.sh | 223 +++++++++++++++++++
4 files changed, 237 insertions(+), 9 deletions(-)
create mode 100755 tools/testing/selftests/net/test_vxlan_nh.sh
--
2.51.0
next reply other threads:[~2025-09-01 6:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-01 6:50 Ido Schimmel [this message]
2025-09-01 6:50 ` [PATCH net 1/3] vxlan: Fix NPD when refreshing an FDB entry with a nexthop object Ido Schimmel
2025-09-02 12:16 ` Nikolay Aleksandrov
2025-09-01 6:50 ` [PATCH net 2/3] vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects Ido Schimmel
2025-09-02 12:17 ` Nikolay Aleksandrov
2025-09-01 6:50 ` [PATCH net 3/3] selftests: net: Add a selftest for VXLAN with FDB nexthop groups Ido Schimmel
2025-09-02 12:17 ` Nikolay Aleksandrov
2025-09-03 0:10 ` [PATCH net 0/3] vxlan: Fix NPDs when using nexthop objects patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250901065035.159644-1-idosch@nvidia.com \
--to=idosch@nvidia.com \
--cc=andrew+netdev@lunn.ch \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=mcremers@cloudbear.nl \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=petrm@nvidia.com \
--cc=razor@blackwall.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.