From: Simon Horman <horms@kernel.org>
To: tariqt@nvidia.com
Cc: 'Simon Horman' <horms@kernel.org>,
edumazet@google.com, kuba@kernel.org, pabeni@redhat.com,
andrew+netdev@lunn.ch, davem@davemloft.net, borisp@nvidia.com,
saeedm@nvidia.com, leon@kernel.org, mbloch@nvidia.com,
jianbol@nvidia.com, cjubran@nvidia.com, acassen@corp.free.fr,
kees@kernel.org, Jason@zx2c4.com,
michal.swiatkowski@linux.intel.com, fmancera@suse.de,
antonio@openvpn.net, cratiu@nvidia.com, ecree.xilinx@gmail.com,
sridhar.samudrala@intel.com, netdev@vger.kernel.org,
linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org,
gal@nvidia.com, leonro@nvidia.com
Subject: Re: [PATCH net] net/mlx5e: Skip IPsec flow modify when MAC address is unchanged
Date: Mon, 18 May 2026 12:27:11 +0100 [thread overview]
Message-ID: <20260518112710.510979-2-horms@kernel.org> (raw)
In-Reply-To: <20260513190226.335562-1-tariqt@nvidia.com>
From: 'Simon Horman' <horms@kernel.org>
This is an AI-generated review of your patch. The human sending this
email has considered the AI review valid, or at least plausible.
Full review at: https://sashiko.dev
---
net/mlx5e: Skip IPsec flow modify when MAC address is unchanged
When a netdev event fires for an IPsec SA, skip calling
mlx5e_accel_ipsec_fs_modify() if the MAC address has not changed and
the rule is not in drop mode. This avoids redundant hardware updates.
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
> index a52e12c3c95a2..f567cd801adb3 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
> @@ -674,19 +674,26 @@ static void mlx5e_ipsec_handle_netdev_event(struct work_struct *_work)
> struct mlx5e_ipsec_sa_entry *sa_entry = work->sa_entry;
> struct mlx5e_ipsec_netevent_data *data = work->data;
> struct mlx5_accel_esp_xfrm_attrs *attrs;
[ ... ]
> +
> + if (ether_addr_equal(mac, data->addr) && !attrs->drop)
> + return;
> +
> + ether_addr_copy(mac, data->addr);
> attrs->drop = false;
> mlx5e_accel_ipsec_fs_modify(sa_entry);
If mlx5e_accel_ipsec_fs_modify() fails (for example, due to a memory
allocation failure), does this early return prevent the hardware state
from recovering?
Since attrs->drop and the mac address are updated before calling
mlx5e_accel_ipsec_fs_modify(), a failure in the hardware update leaves the
software state out of sync with the hardware.
Prior to this patch, a subsequent netdev event for the same neighbor would
unconditionally retry the hardware update. With this patch, the early return
sees the optimistically updated software state, matches it, and skips the
retry, potentially leaving the hardware permanently stuck in a dropped or
failed state.
Also, can sa_entry->work and sa_entry->dwork execute concurrently?
Both sa_entry->work (which executes mlx5e_ipsec_handle_netdev_event()) and
sa_entry->dwork (which executes mlx5e_ipsec_handle_sw_limits()) are queued
to ipsec->wq. Since this is an unbound workqueue with max_active=0, works
can execute concurrently.
Neither handler appears to hold a lock when calling
mlx5e_accel_ipsec_fs_modify(sa_entry). If both handlers run concurrently,
could this happen:
Thread 1:
mlx5e_accel_ipsec_fs_modify(sa_entry)
memcpy(&sa_entry_shadow, sa_entry, sizeof(*sa_entry));
mlx5e_accel_ipsec_fs_add_rule(&sa_entry_shadow);
Thread 2:
mlx5e_accel_ipsec_fs_modify(sa_entry)
memcpy(&sa_entry_shadow, sa_entry, sizeof(*sa_entry));
mlx5e_accel_ipsec_fs_add_rule(&sa_entry_shadow);
Both threads would then call mlx5e_accel_ipsec_fs_del_rule(sa_entry),
potentially causing a double-free of the exact same ipsec_rule->rule and
ipsec_rule->fc. The subsequent memcpy(sa_entry, &sa_entry_shadow, ...)
would then cause one thread to overwrite the other's newly created rule
pointers, leaking the flow rules.
> }
next prev parent reply other threads:[~2026-05-18 11:27 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 19:02 [PATCH net] net/mlx5e: Skip IPsec flow modify when MAC address is unchanged Tariq Toukan
2026-05-18 11:27 ` Simon Horman [this message]
2026-05-19 8:09 ` Paolo Abeni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260518112710.510979-2-horms@kernel.org \
--to=horms@kernel.org \
--cc=Jason@zx2c4.com \
--cc=acassen@corp.free.fr \
--cc=andrew+netdev@lunn.ch \
--cc=antonio@openvpn.net \
--cc=borisp@nvidia.com \
--cc=cjubran@nvidia.com \
--cc=cratiu@nvidia.com \
--cc=davem@davemloft.net \
--cc=ecree.xilinx@gmail.com \
--cc=edumazet@google.com \
--cc=fmancera@suse.de \
--cc=gal@nvidia.com \
--cc=jianbol@nvidia.com \
--cc=kees@kernel.org \
--cc=kuba@kernel.org \
--cc=leon@kernel.org \
--cc=leonro@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=mbloch@nvidia.com \
--cc=michal.swiatkowski@linux.intel.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=saeedm@nvidia.com \
--cc=sridhar.samudrala@intel.com \
--cc=tariqt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox