[PATCH net v2 0/2] net_sched: reject unknown tcfa

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values
@ 2018-08-29  8:22 Paolo Abeni
  2018-08-29  8:22 ` [PATCH net v2 1/2] " Paolo Abeni
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Paolo Abeni @ 2018-08-29  8:22 UTC (permalink / raw)
  To: netdev
  Cc: Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S . Miller,
	Davide Caratti, Lucas Bates

As agreed some time ago, this changeset reject unknown tcfa_action values,
instead of changing such values under the hood.

A tdc test is included to verify the new behavior.

v1 -> v2:
 - helper is now static and renamed according to act_* convention
 - updated extack message, according to the new behavior

Paolo Abeni (2):
  net_sched: reject unknown tcfa_action values
  tc-testing: add test-cases for numeric and invalid control action

 net/sched/act_api.c                           | 16 +++++--
 .../tc-testing/tc-tests/actions/police.json   | 48 +++++++++++++++++++
 2 files changed, 59 insertions(+), 5 deletions(-)

-- 
2.17.1

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH net v2 1/2] net_sched: reject unknown tcfa_action values
  2018-08-29  8:22 [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values Paolo Abeni
@ 2018-08-29  8:22 ` Paolo Abeni
  2018-08-29  8:52   ` Jiri Pirko
  2018-08-29  8:22 ` [PATCH net v2 2/2] tc-testing: add test-cases for numeric and invalid control action Paolo Abeni
  2018-08-30  5:11 ` [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values David Miller
  2 siblings, 1 reply; 5+ messages in thread
From: Paolo Abeni @ 2018-08-29  8:22 UTC (permalink / raw)
  To: netdev
  Cc: Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S . Miller,
	Davide Caratti, Lucas Bates

After the commit 802bfb19152c ("net/sched: user-space can't set
unknown tcfa_action values"), unknown tcfa_action values are
converted to TC_ACT_UNSPEC, but the common agreement is instead
rejecting such configurations.

This change also introduces a helper to simplify the destruction
of a single action, avoiding code duplication.

v1 -> v2:
 - helper is now static and renamed according to act_* convention
 - updated extack message, according to the new behavior

Fixes: 802bfb19152c ("net/sched: user-space can't set unknown tcfa_action values")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
 net/sched/act_api.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index db83dac1e7f4..316c98bb87e4 100644
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -662,6 +662,13 @@ int tcf_action_destroy(struct tc_action *actions[], int bind)
 	return ret;
 }
 
+static int tcf_action_destroy_1(struct tc_action *a, int bind)
+{
+	struct tc_action *actions[] = { a, NULL };
+
+	return tcf_action_destroy(actions, bind);
+}
+
 static int tcf_action_put(struct tc_action *p)
 {
 	return __tcf_action_put(p, false);
@@ -881,17 +888,16 @@ struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp,
 	if (TC_ACT_EXT_CMP(a->tcfa_action, TC_ACT_GOTO_CHAIN)) {
 		err = tcf_action_goto_chain_init(a, tp);
 		if (err) {
-			struct tc_action *actions[] = { a, NULL };
-
-			tcf_action_destroy(actions, bind);
+			tcf_action_destroy_1(a, bind);
 			NL_SET_ERR_MSG(extack, "Failed to init TC action chain");
 			return ERR_PTR(err);
 		}
 	}
 
 	if (!tcf_action_valid(a->tcfa_action)) {
-		NL_SET_ERR_MSG(extack, "invalid action value, using TC_ACT_UNSPEC instead");
-		a->tcfa_action = TC_ACT_UNSPEC;
+		tcf_action_destroy_1(a, bind);
+		NL_SET_ERR_MSG(extack, "Invalid control action value");
+		return ERR_PTR(-EINVAL);
 	}
 
 	return a;
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH net v2 1/2] net_sched: reject unknown tcfa_action values
  2018-08-29  8:22 ` [PATCH net v2 1/2] " Paolo Abeni
@ 2018-08-29  8:52   ` Jiri Pirko
  0 siblings, 0 replies; 5+ messages in thread
From: Jiri Pirko @ 2018-08-29  8:52 UTC (permalink / raw)
  To: Paolo Abeni
  Cc: netdev, Jamal Hadi Salim, Cong Wang, David S . Miller,
	Davide Caratti, Lucas Bates

Wed, Aug 29, 2018 at 10:22:33AM CEST, pabeni@redhat.com wrote:
>After the commit 802bfb19152c ("net/sched: user-space can't set
>unknown tcfa_action values"), unknown tcfa_action values are
>converted to TC_ACT_UNSPEC, but the common agreement is instead
>rejecting such configurations.
>
>This change also introduces a helper to simplify the destruction
>of a single action, avoiding code duplication.
>
>v1 -> v2:
> - helper is now static and renamed according to act_* convention
> - updated extack message, according to the new behavior
>
>Fixes: 802bfb19152c ("net/sched: user-space can't set unknown tcfa_action values")
>Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Acked-by: Jiri Pirko <jiri@mellanox.com>

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH net v2 2/2] tc-testing: add test-cases for numeric and invalid control action
  2018-08-29  8:22 [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values Paolo Abeni
  2018-08-29  8:22 ` [PATCH net v2 1/2] " Paolo Abeni
@ 2018-08-29  8:22 ` Paolo Abeni
  2018-08-30  5:11 ` [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values David Miller
  2 siblings, 0 replies; 5+ messages in thread
From: Paolo Abeni @ 2018-08-29  8:22 UTC (permalink / raw)
  To: netdev
  Cc: Jamal Hadi Salim, Cong Wang, Jiri Pirko, David S . Miller,
	Davide Caratti, Lucas Bates

Only the police action allows us to specify an arbitrary numeric value
for the control action. This change introduces an explicit test case
for the above feature and then leverage it for testing the kernel behavior
for invalid control actions (reject).

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
 .../tc-testing/tc-tests/actions/police.json   | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/tools/testing/selftests/tc-testing/tc-tests/actions/police.json b/tools/testing/selftests/tc-testing/tc-tests/actions/police.json
index f03763d81617..30f9b54bd666 100644
--- a/tools/testing/selftests/tc-testing/tc-tests/actions/police.json
+++ b/tools/testing/selftests/tc-testing/tc-tests/actions/police.json
@@ -312,6 +312,54 @@
             "$TC actions flush action police"
         ]
     },
+    {
+        "id": "6aaf",
+        "name": "Add police actions with conform-exceed control pass/pipe [with numeric values]",
+        "category": [
+            "actions",
+            "police"
+        ],
+        "setup": [
+            [
+                "$TC actions flush action police",
+                0,
+                1,
+                255
+            ]
+        ],
+        "cmdUnderTest": "$TC actions add action police rate 3mbit burst 250k conform-exceed 0/3 index 1",
+        "expExitCode": "0",
+        "verifyCmd": "$TC actions get action police index 1",
+        "matchPattern": "action order [0-9]*:  police 0x1 rate 3Mbit burst 250Kb mtu 2Kb action pass/pipe",
+        "matchCount": "1",
+        "teardown": [
+            "$TC actions flush action police"
+        ]
+    },
+    {
+        "id": "29b1",
+        "name": "Add police actions with conform-exceed control <invalid>/drop",
+        "category": [
+            "actions",
+            "police"
+        ],
+        "setup": [
+            [
+                "$TC actions flush action police",
+                0,
+                1,
+                255
+            ]
+        ],
+        "cmdUnderTest": "$TC actions add action police rate 3mbit burst 250k conform-exceed 10/drop index 1",
+        "expExitCode": "255",
+        "verifyCmd": "$TC actions ls action police",
+        "matchPattern": "action order [0-9]*:  police 0x1 rate 3Mbit burst 250Kb mtu 2Kb action ",
+        "matchCount": "0",
+        "teardown": [
+            "$TC actions flush action police"
+        ]
+    },
     {
         "id": "c26f",
         "name": "Add police action with invalid peakrate value",
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values
  2018-08-29  8:22 [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values Paolo Abeni
  2018-08-29  8:22 ` [PATCH net v2 1/2] " Paolo Abeni
  2018-08-29  8:22 ` [PATCH net v2 2/2] tc-testing: add test-cases for numeric and invalid control action Paolo Abeni
@ 2018-08-30  5:11 ` David Miller
  2 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2018-08-30  5:11 UTC (permalink / raw)
  To: pabeni; +Cc: netdev, jhs, xiyou.wangcong, jiri, dcaratti, lucasb

From: Paolo Abeni <pabeni@redhat.com>
Date: Wed, 29 Aug 2018 10:22:32 +0200

> As agreed some time ago, this changeset reject unknown tcfa_action values,
> instead of changing such values under the hood.
> 
> A tdc test is included to verify the new behavior.
> 
> v1 -> v2:
>  - helper is now static and renamed according to act_* convention
>  - updated extack message, according to the new behavior

Series applied, thank you.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2018-08-30  9:11 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-08-29  8:22 [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values Paolo Abeni
2018-08-29  8:22 ` [PATCH net v2 1/2] " Paolo Abeni
2018-08-29  8:52   ` Jiri Pirko
2018-08-29  8:22 ` [PATCH net v2 2/2] tc-testing: add test-cases for numeric and invalid control action Paolo Abeni
2018-08-30  5:11 ` [PATCH net v2 0/2] net_sched: reject unknown tcfa_action values David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).