[PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Jamal Hadi Salim]

From: Jamal Hadi Salim <jhs@mojatatu.com>

Introduce optional 128-bit action cookie.
Like all other cookie schemes in the networking world (eg in protocols
like http or existing kernel fib protocol field, etc) the idea is to save
user state that when retrieved serves as a correlator. The kernel
_should not_ intepret it.  The user can store whatever they wish in the
128 bits.

Sample exercise(showing variable length use of cookie)

.. create an accept action with cookie a1b2c3d4
sudo $TC actions add action ok index 1 cookie a1b2c3d4

.. dump all gact actions..
sudo $TC -s actions ls action gact

    action order 0: gact action pass
     random type none pass val 0
     index 1 ref 1 bind 0 installed 5 sec used 5 sec
    Action statistics:
    Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
    backlog 0b 0p requeues 0
    cookie a1b2c3d4

.. bind the accept action to a filter..
sudo $TC filter add dev lo parent ffff: protocol ip prio 1 \
u32 match ip dst 127.0.0.1/32 flowid 1:1 action gact index 1

... send some traffic..
$ ping 127.0.0.1 -c 3
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.020 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.027 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.038 ms

--- 127.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2109ms
rtt min/avg/max/mdev = 0.020/0.028/0.038/0.008 ms 1

... show some stats
$ sudo $TC -s actions get action gact index 1

    action order 1: gact action pass
     random type none pass val 0
     index 1 ref 2 bind 1 installed 204 sec used 5 sec
    Action statistics:
        Sent 12168 bytes 164 pkt (dropped 0, overlimits 0 requeues 0)
    backlog 0b 0p requeues 0
    cookie a1b2c3d4

.. try longer cookie...
$ sudo $TC actions replace action ok index 1 cookie 1234567890abcdef
.. dump..
$ sudo $TC -s actions ls action gact

    action order 1: gact action pass
     random type none pass val 0
     index 1 ref 2 bind 1 installed 204 sec used 5 sec
    Action statistics:
        Sent 12168 bytes 164 pkt (dropped 0, overlimits 0 requeues 0)
    backlog 0b 0p requeues 0
    cookie 1234567890abcdef

Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
---
Changes in v6:
 - fix mem leak caught by Florian

Changes in V5:
 - kill the stylistic changes
 - Adopt a new structure with length-valuepointer representation
 - rename some things

Changes in v4:
 - move stylistic changes out into a separate patch
   (and add more stylistic changes)

Changes in v3:
 - use TC_ prefix for the max size
 - move the cookie struct so visible only to kernel
 - remove unneeded void * cast

Changes in V2:
 -move from a union to a length-value representation

 include/net/act_api.h        |  1 +
 include/net/pkt_cls.h        |  8 ++++++++
 include/uapi/linux/pkt_cls.h |  3 +++
 net/sched/act_api.c          | 36 ++++++++++++++++++++++++++++++++++++
 4 files changed, 48 insertions(+)

diff --git a/include/net/act_api.h b/include/net/act_api.h
index 1d71644..cfa2ae3 100644
--- a/include/net/act_api.h
+++ b/include/net/act_api.h
@@ -41,6 +41,7 @@ struct tc_action {
 	struct rcu_head			tcfa_rcu;
 	struct gnet_stats_basic_cpu __percpu *cpu_bstats;
 	struct gnet_stats_queue __percpu *cpu_qstats;
+	struct tc_cookie	*act_cookie;
 };
 #define tcf_head	common.tcfa_head
 #define tcf_index	common.tcfa_index
diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
index f0a0514..b43077e 100644
--- a/include/net/pkt_cls.h
+++ b/include/net/pkt_cls.h
@@ -515,4 +515,12 @@ struct tc_cls_bpf_offload {
 	u32 gen_flags;
 };
 
+
+/* This structure holds cookie structure that is passed from user
+ * to the kernel for actions and classifiers
+ */
+struct tc_cookie {
+	u8  *data;
+	u32 len;
+};
 #endif
diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
index fd373eb..345551e 100644
--- a/include/uapi/linux/pkt_cls.h
+++ b/include/uapi/linux/pkt_cls.h
@@ -4,6 +4,8 @@
 #include <linux/types.h>
 #include <linux/pkt_sched.h>
 
+#define TC_COOKIE_MAX_SIZE 16
+
 /* Action attributes */
 enum {
 	TCA_ACT_UNSPEC,
@@ -12,6 +14,7 @@ enum {
 	TCA_ACT_INDEX,
 	TCA_ACT_STATS,
 	TCA_ACT_PAD,
+	TCA_ACT_COOKIE,
 	__TCA_ACT_MAX
 };
 
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index cd08df9..58cf1c5 100644
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -24,6 +24,7 @@
 #include <net/net_namespace.h>
 #include <net/sock.h>
 #include <net/sch_generic.h>
+#include <net/pkt_cls.h>
 #include <net/act_api.h>
 #include <net/netlink.h>
 
@@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
 
 	free_percpu(p->cpu_bstats);
 	free_percpu(p->cpu_qstats);
+	kfree(p->act_cookie->data);
+	kfree(p->act_cookie);
 	kfree(p);
 }
 
@@ -475,6 +478,12 @@ int tcf_action_destroy(struct list_head *actions, int bind)
 		goto nla_put_failure;
 	if (tcf_action_copy_stats(skb, a, 0))
 		goto nla_put_failure;
+	if (a->act_cookie) {
+		if (nla_put(skb, TCA_ACT_COOKIE, a->act_cookie->len,
+			    a->act_cookie->data))
+			goto nla_put_failure;
+	}
+
 	nest = nla_nest_start(skb, TCA_OPTIONS);
 	if (nest == NULL)
 		goto nla_put_failure;
@@ -575,6 +584,33 @@ struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla,
 	if (err < 0)
 		goto err_mod;
 
+	if (tb[TCA_ACT_COOKIE]) {
+		int cklen = nla_len(tb[TCA_ACT_COOKIE]);
+
+		if (cklen > TC_COOKIE_MAX_SIZE) {
+			err = -EINVAL;
+			tcf_hash_release(a, bind);
+			goto err_mod;
+		}
+
+		a->act_cookie = kzalloc(sizeof(*a->act_cookie), GFP_KERNEL);
+		if (!a->act_cookie) {
+			err = -ENOMEM;
+			tcf_hash_release(a, bind);
+			goto err_mod;
+		}
+
+		a->act_cookie->data = nla_memdup(tb[TCA_ACT_COOKIE],
+						 GFP_KERNEL);
+		if (!a->act_cookie->data) {
+			err = -ENOMEM;
+			kfree(a->act_cookie);
+			tcf_hash_release(a, bind);
+			goto err_mod;
+		}
+		a->act_cookie->len = cklen;
+	}
+
 	/* module count goes up only when brand new policy is created
 	 * if it exists and is only bound to in a_o->init() then
 	 * ACT_P_CREATED is not returned (a zero is).
-- 
1.9.1

Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Jiri Pirko]

Sun, Jan 22, 2017 at 09:25:50PM CET, jhs@mojatatu.com wrote:
>From: Jamal Hadi Salim <jhs@mojatatu.com>
>
>Introduce optional 128-bit action cookie.
>Like all other cookie schemes in the networking world (eg in protocols
>like http or existing kernel fib protocol field, etc) the idea is to save
>user state that when retrieved serves as a correlator. The kernel
>_should not_ intepret it.  The user can store whatever they wish in the
>128 bits.
>
>Sample exercise(showing variable length use of cookie)
>
>.. create an accept action with cookie a1b2c3d4
>sudo $TC actions add action ok index 1 cookie a1b2c3d4
>
>.. dump all gact actions..
>sudo $TC -s actions ls action gact
>
>    action order 0: gact action pass
>     random type none pass val 0
>     index 1 ref 1 bind 0 installed 5 sec used 5 sec
>    Action statistics:
>    Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
>    backlog 0b 0p requeues 0
>    cookie a1b2c3d4
>
>.. bind the accept action to a filter..
>sudo $TC filter add dev lo parent ffff: protocol ip prio 1 \
>u32 match ip dst 127.0.0.1/32 flowid 1:1 action gact index 1
>
>... send some traffic..
>$ ping 127.0.0.1 -c 3
>PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
>64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.020 ms
>64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.027 ms
>64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.038 ms
>
>--- 127.0.0.1 ping statistics ---
>3 packets transmitted, 3 received, 0% packet loss, time 2109ms
>rtt min/avg/max/mdev = 0.020/0.028/0.038/0.008 ms 1
>
>... show some stats
>$ sudo $TC -s actions get action gact index 1
>
>    action order 1: gact action pass
>     random type none pass val 0
>     index 1 ref 2 bind 1 installed 204 sec used 5 sec
>    Action statistics:
>        Sent 12168 bytes 164 pkt (dropped 0, overlimits 0 requeues 0)
>    backlog 0b 0p requeues 0
>    cookie a1b2c3d4
>
>.. try longer cookie...
>$ sudo $TC actions replace action ok index 1 cookie 1234567890abcdef
>.. dump..
>$ sudo $TC -s actions ls action gact
>
>    action order 1: gact action pass
>     random type none pass val 0
>     index 1 ref 2 bind 1 installed 204 sec used 5 sec
>    Action statistics:
>        Sent 12168 bytes 164 pkt (dropped 0, overlimits 0 requeues 0)
>    backlog 0b 0p requeues 0
>    cookie 1234567890abcdef
>
>Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>

Reviewed-by: Jiri Pirko <jiri@mellanox.com>

Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Simon Horman]

Hi Jamal,

On Sun, Jan 22, 2017 at 03:25:50PM -0500, Jamal Hadi Salim wrote:

...

> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
> index cd08df9..58cf1c5 100644
> --- a/net/sched/act_api.c
> +++ b/net/sched/act_api.c
> @@ -24,6 +24,7 @@
>  #include <net/net_namespace.h>
>  #include <net/sock.h>
>  #include <net/sch_generic.h>
> +#include <net/pkt_cls.h>
>  #include <net/act_api.h>
>  #include <net/netlink.h>
>  
> @@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
>  
>  	free_percpu(p->cpu_bstats);
>  	free_percpu(p->cpu_qstats);
> +	kfree(p->act_cookie->data);

Does the above need to be protected by a check for p->act_cookie being non-NULL?

> +	kfree(p->act_cookie);
>  	kfree(p);
>  }
>  

...

> @@ -575,6 +584,33 @@ struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla,
>  	if (err < 0)
>  		goto err_mod;
>  
> +	if (tb[TCA_ACT_COOKIE]) {
> +		int cklen = nla_len(tb[TCA_ACT_COOKIE]);
> +
> +		if (cklen > TC_COOKIE_MAX_SIZE) {
> +			err = -EINVAL;
> +			tcf_hash_release(a, bind);
> +			goto err_mod;
> +		}
> +
> +		a->act_cookie = kzalloc(sizeof(*a->act_cookie), GFP_KERNEL);
> +		if (!a->act_cookie) {
> +			err = -ENOMEM;
> +			tcf_hash_release(a, bind);
> +			goto err_mod;
> +		}
> +
> +		a->act_cookie->data = nla_memdup(tb[TCA_ACT_COOKIE],
> +						 GFP_KERNEL);
> +		if (!a->act_cookie->data) {
> +			err = -ENOMEM;
> +			kfree(a->act_cookie);
> +			tcf_hash_release(a, bind);
> +			goto err_mod;
> +		}
> +		a->act_cookie->len = cklen;

FWIW, the above looks correct but it also looks like the error handling
could be done less verbosely if the logic was moved to a separate function.

> +	}
> +
>  	/* module count goes up only when brand new policy is created
>  	 * if it exists and is only bound to in a_o->init() then
>  	 * ACT_P_CREATED is not returned (a zero is).
> -- 
> 1.9.1
> 

Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Daniel Borkmann]

On 01/23/2017 01:58 PM, Simon Horman wrote:
> Hi Jamal,
>
> On Sun, Jan 22, 2017 at 03:25:50PM -0500, Jamal Hadi Salim wrote:
>
> ...
>
>> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
>> index cd08df9..58cf1c5 100644
>> --- a/net/sched/act_api.c
>> +++ b/net/sched/act_api.c
>> @@ -24,6 +24,7 @@
>>   #include <net/net_namespace.h>
>>   #include <net/sock.h>
>>   #include <net/sch_generic.h>
>> +#include <net/pkt_cls.h>
>>   #include <net/act_api.h>
>>   #include <net/netlink.h>
>>
>> @@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
>>
>>   	free_percpu(p->cpu_bstats);
>>   	free_percpu(p->cpu_qstats);
>> +	kfree(p->act_cookie->data);
>
> Does the above need to be protected by a check for p->act_cookie being non-NULL?

Yep, that would be a NULL-deref. Why not just embedd tc_cookie as
suggested earlier, the struct is rather small anyway ...

>> +	kfree(p->act_cookie);
>>   	kfree(p);
>>   }
>>
>
> ...
>
>> @@ -575,6 +584,33 @@ struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla,
>>   	if (err < 0)
>>   		goto err_mod;
>>
>> +	if (tb[TCA_ACT_COOKIE]) {
>> +		int cklen = nla_len(tb[TCA_ACT_COOKIE]);
>> +
>> +		if (cklen > TC_COOKIE_MAX_SIZE) {
>> +			err = -EINVAL;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie = kzalloc(sizeof(*a->act_cookie), GFP_KERNEL);
>> +		if (!a->act_cookie) {
>> +			err = -ENOMEM;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie->data = nla_memdup(tb[TCA_ACT_COOKIE],
>> +						 GFP_KERNEL);
>> +		if (!a->act_cookie->data) {
>> +			err = -ENOMEM;
>> +			kfree(a->act_cookie);
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +		a->act_cookie->len = cklen;
>
> FWIW, the above looks correct but it also looks like the error handling
> could be done less verbosely if the logic was moved to a separate function.
>
>> +	}
>> +
>>   	/* module count goes up only when brand new policy is created
>>   	 * if it exists and is only bound to in a_o->init() then
>>   	 * ACT_P_CREATED is not returned (a zero is).
>> --
>> 1.9.1
>>

Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Jamal Hadi Salim]

On 17-01-23 11:18 AM, Daniel Borkmann wrote:
> On 01/23/2017 01:58 PM, Simon Horman wrote:
>> Hi Jamal,
>>
>> On Sun, Jan 22, 2017 at 03:25:50PM -0500, Jamal Hadi Salim wrote:
>>
>> ...
>>
>>> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
>>> index cd08df9..58cf1c5 100644
>>> --- a/net/sched/act_api.c
>>> +++ b/net/sched/act_api.c
>>> @@ -24,6 +24,7 @@
>>>   #include <net/net_namespace.h>
>>>   #include <net/sock.h>
>>>   #include <net/sch_generic.h>
>>> +#include <net/pkt_cls.h>
>>>   #include <net/act_api.h>
>>>   #include <net/netlink.h>
>>>
>>> @@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
>>>
>>>       free_percpu(p->cpu_bstats);
>>>       free_percpu(p->cpu_qstats);
>>> +    kfree(p->act_cookie->data);
>>
>> Does the above need to be protected by a check for p->act_cookie being
>> non-NULL?
>
> Yep, that would be a NULL-deref. Why not just embedd tc_cookie as
> suggested earlier, the struct is rather small anyway ...
>


Everytime I make a change like that i seem to forget to run one
more test and it creates more bugs (example, the last two resends
are errors introduced by changing the struct from last one which
was your suggestion;->).
So you will have to forgive me I am not going back to that
definition; I will post version 7 soon.

cheers,
jamal

Re: [PATCH net-next v6 1/1] net sched actions: Add support for user cookies

[Jamal Hadi Salim]

On 17-01-23 07:58 AM, Simon Horman wrote:
> Hi Jamal,
>
> On Sun, Jan 22, 2017 at 03:25:50PM -0500, Jamal Hadi Salim wrote:
>
> ...
>

>> @@ -33,6 +34,8 @@ static void free_tcf(struct rcu_head *head)
>>
>>  	free_percpu(p->cpu_bstats);
>>  	free_percpu(p->cpu_qstats);
>> +	kfree(p->act_cookie->data);
>
> Does the above need to be protected by a check for p->act_cookie being non-NULL?
>

Indeed it does.

>> +	kfree(p->act_cookie);
>>  	kfree(p);
>>  }
>>
>
> ...
>
>> @@ -575,6 +584,33 @@ struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla,
>>  	if (err < 0)
>>  		goto err_mod;
>>
>> +	if (tb[TCA_ACT_COOKIE]) {
>> +		int cklen = nla_len(tb[TCA_ACT_COOKIE]);
>> +
>> +		if (cklen > TC_COOKIE_MAX_SIZE) {
>> +			err = -EINVAL;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie = kzalloc(sizeof(*a->act_cookie), GFP_KERNEL);
>> +		if (!a->act_cookie) {
>> +			err = -ENOMEM;
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +
>> +		a->act_cookie->data = nla_memdup(tb[TCA_ACT_COOKIE],
>> +						 GFP_KERNEL);
>> +		if (!a->act_cookie->data) {
>> +			err = -ENOMEM;
>> +			kfree(a->act_cookie);
>> +			tcf_hash_release(a, bind);
>> +			goto err_mod;
>> +		}
>> +		a->act_cookie->len = cklen;
>
> FWIW, the above looks correct but it also looks like the error handling
> could be done less verbosely if the logic was moved to a separate function.
>

I will make the change.

Thanks Simon.

cheers,
jamal