From: Florian Westphal <fw@strlen.de>
To: steffen.klassert@secunet.com
Cc: xiyou.wangcong@gmail.com, <netdev@vger.kernel.org>,
Florian Westphal <fw@strlen.de>
Subject: [PATCH ipsec 7/7] xfrm: policy: fix infinite loop when merging src-nodes
Date: Fri, 4 Jan 2019 14:17:05 +0100 [thread overview]
Message-ID: <20190104131705.9550-8-fw@strlen.de> (raw)
In-Reply-To: <20190104131705.9550-1-fw@strlen.de>
With very small change to test script we can trigger softlockup due to
bogus assignment of 'p' (policy to be examined) on restart.
Previously the two to-be-merged nodes had same address/prefixlength pair,
so no erase/reinsert was necessary, we only had to append the list from
node a to b.
If prefix lengths are different, the node has to be deleted and re-inserted
into the tree, with the updated prefix length. This was broken; due to
bogus update to 'p' this loops forever.
Add a 'restart' label and use that instead.
While at it, don't perform the unneeded reinserts of the policies that
are already sorted into the 'new' node.
A previous patch in this series made xfrm_policy_inexact_list_reinsert()
use the relative position indicator to sort policies according to age in
case priorities are identical.
Fixes: 6ac098b2a9d30 ("xfrm: policy: add 2nd-level saddr trees for inexact policies")
Signed-off-by: Florian Westphal <fw@strlen.de>
---
net/xfrm/xfrm_policy.c | 15 +++++++--------
tools/testing/selftests/net/xfrm_policy.sh | 4 ++--
2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index e691683223ee..8cfd75b62396 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -886,12 +886,13 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
struct rb_root *new,
u16 family)
{
- struct rb_node **p, *parent = NULL;
struct xfrm_pol_inexact_node *node;
+ struct rb_node **p, *parent;
/* we should not have another subtree here */
WARN_ON_ONCE(!RB_EMPTY_ROOT(&n->root));
-
+restart:
+ parent = NULL;
p = &new->rb_node;
while (*p) {
u8 prefixlen;
@@ -911,12 +912,11 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
} else {
struct xfrm_policy *tmp;
- hlist_for_each_entry(tmp, &node->hhead, bydst)
- tmp->bydst_reinsert = true;
- hlist_for_each_entry(tmp, &n->hhead, bydst)
+ hlist_for_each_entry(tmp, &n->hhead, bydst) {
tmp->bydst_reinsert = true;
+ hlist_del_rcu(&tmp->bydst);
+ }
- INIT_HLIST_HEAD(&node->hhead);
xfrm_policy_inexact_list_reinsert(net, node, family);
if (node->prefixlen == n->prefixlen) {
@@ -928,8 +928,7 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
kfree_rcu(n, rcu);
n = node;
n->prefixlen = prefixlen;
- *p = new->rb_node;
- parent = NULL;
+ goto restart;
}
}
diff --git a/tools/testing/selftests/net/xfrm_policy.sh b/tools/testing/selftests/net/xfrm_policy.sh
index 8ce54600d4d1..71d7fdc513c1 100755
--- a/tools/testing/selftests/net/xfrm_policy.sh
+++ b/tools/testing/selftests/net/xfrm_policy.sh
@@ -78,8 +78,8 @@ do_overlap()
# adds a new node in the 10.0.0.0/24 tree (dst node exists).
ip -net $ns xfrm policy add src 10.2.0.0/24 dst 10.0.0.0/24 dir fwd priority 200 action block
- # adds a 10.2.0.0/24 node, but for different dst.
- ip -net $ns xfrm policy add src 10.2.0.0/24 dst 10.0.1.0/24 dir fwd priority 200 action block
+ # adds a 10.2.0.0/23 node, but for different dst.
+ ip -net $ns xfrm policy add src 10.2.0.0/23 dst 10.0.1.0/24 dir fwd priority 200 action block
# dst now overlaps with the 10.0.1.0/24 ESP policy in fwd.
# kernel must 'promote' existing one (10.0.0.0/24) to 10.0.0.0/23.
--
2.19.2
next prev parent reply other threads:[~2019-01-04 13:19 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-04 13:16 [PATCH ipsec 0/7] xfrm: policy: fix various bugs Florian Westphal
2019-01-04 13:16 ` [PATCH ipsec 1/7] selftests: xfrm: add block rules with adjacent/overlapping subnets Florian Westphal
2019-01-04 13:17 ` [PATCH ipsec 2/7] xfrm: policy: use hlist rcu variants on inexact insert, part 2 Florian Westphal
2019-01-04 13:17 ` [PATCH ipsec 3/7] xfrm: policy: increment xfrm_hash_generation on hash rebuild Florian Westphal
2019-01-04 13:17 ` [PATCH ipsec 4/7] xfrm: policy: delete inexact policies from inexact list " Florian Westphal
2019-01-05 4:46 ` Cong Wang
2019-01-05 9:53 ` Florian Westphal
2019-01-04 13:17 ` [PATCH ipsec 5/7] xfrm: policy: fix reinsertion on node merge Florian Westphal
2019-01-05 4:48 ` Cong Wang
2019-01-05 9:57 ` Florian Westphal
2019-01-04 13:17 ` [PATCH ipsec 6/7] selftests: xfrm: alter htresh to trigger move of policies to hash table Florian Westphal
2019-01-04 13:17 ` Florian Westphal [this message]
2019-01-05 4:49 ` [PATCH ipsec 7/7] xfrm: policy: fix infinite loop when merging src-nodes Cong Wang
2019-01-05 9:59 ` Florian Westphal
2019-01-09 13:03 ` Steffen Klassert
2019-01-10 8:09 ` [PATCH ipsec 0/7] xfrm: policy: fix various bugs Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190104131705.9550-8-fw@strlen.de \
--to=fw@strlen.de \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).