[ovs-git] [openvswitch/ovs] 000ea3: datapath: Always define NF_CT_LABELS_MAX_SIZE
GitHub
noreply at github.com
Wed Apr 19 21:13:55 UTC 2017
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: 000ea3352d085b65976484570e3f6e0afb95bfd0
https://github.com/openvswitch/ovs/commit/000ea3352d085b65976484570e3f6e0afb95bfd0
Author: Andy Zhou <azhou at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/linux/compat/include/net/netfilter/nf_conntrack_labels.h
Log Message:
-----------
datapath: Always define NF_CT_LABELS_MAX_SIZE
When CONFIG_NF_CONNTRACK_LABLES is not set, upstream code still make
use of NF_CT_LABLES_MAX_SIZE. Always define it in the compat code
to keep back ports close to the upstream.
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 1963a8854110284b5762a3666c057310fe9910a6
https://github.com/openvswitch/ovs/commit/1963a8854110284b5762a3666c057310fe9910a6
Author: Jarno Rajahalme <jarno at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/conntrack.c
M datapath/conntrack.h
M datapath/flow.h
M datapath/flow_netlink.c
Log Message:
-----------
datapath: Pack struct sw_flow_key.
Upstream commit:
openvswitch: Pack struct sw_flow_key.
struct sw_flow_key has two 16-bit holes. Move the most matched
conntrack match fields there. In some typical cases this reduces the
size of the key that needs to be hashed into half and into one cache
line.
Signed-off-by: Jarno Rajahalme <jarno at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Acked-by: Pravin B Shelar <pshelar at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 316d4d78cf9b ("openvswitch: Pack struct sw_flow_key.")
Signed-off-by: Joe Stringer <joe at ovn.org>
Signed-off-by: Andy Zhou <azhou at ovn.org>
Commit: 68d400d546f77dfa9897c67f5c14560ae2fb2c9e
https://github.com/openvswitch/ovs/commit/68d400d546f77dfa9897c67f5c14560ae2fb2c9e
Author: Eric Dumazet <edumazet at google.com>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M AUTHORS.rst
M acinclude.m4
M datapath/conntrack.c
M datapath/linux/compat/include/net/netfilter/ipv6/nf_defrag_ipv6.h
M datapath/linux/compat/nf_conntrack_reasm.c
Log Message:
-----------
compat: ipv6: orphan skbs in reassembly unit.
Upstream commit:
ipv6: orphan skbs in reassembly unit
Andrey reported a use-after-free in IPv6 stack.
Issue here is that we free the socket while it still has skb
in TX path and in some queues.
It happens here because IPv6 reassembly unit messes skb->truesize,
breaking skb_set_owner_w() badly.
We fixed a similar issue for IPV4 in commit 8282f27449bf ("inet: frag:
Always orphan skbs inside ip_defrag()")
Acked-by: Joe Stringer <joe at ovn.org>
==================================================================
BUG: KASAN: use-after-free in sock_wfree+0x118/0x120
Read of size 8 at addr ffff880062da0060 by task a.out/4140
page:ffffea00018b6800 count:1 mapcount:0 mapping: (null)
index:0x0 compound_mapcount: 0
flags: 0x100000000008100(slab|head)
raw: 0100000000008100 0000000000000000 0000000000000000 0000000180130013
raw: dead000000000100 dead000000000200 ffff88006741f140 0000000000000000
page dumped because: kasan: bad access detected
CPU: 0 PID: 4140 Comm: a.out Not tainted 4.10.0-rc3+ #59
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:15
dump_stack+0x292/0x398 lib/dump_stack.c:51
describe_address mm/kasan/report.c:262
kasan_report_error+0x121/0x560 mm/kasan/report.c:370
kasan_report mm/kasan/report.c:392
__asan_report_load8_noabort+0x3e/0x40 mm/kasan/report.c:413
sock_flag ./arch/x86/include/asm/bitops.h:324
sock_wfree+0x118/0x120 net/core/sock.c:1631
skb_release_head_state+0xfc/0x250 net/core/skbuff.c:655
skb_release_all+0x15/0x60 net/core/skbuff.c:668
__kfree_skb+0x15/0x20 net/core/skbuff.c:684
kfree_skb+0x16e/0x4e0 net/core/skbuff.c:705
inet_frag_destroy+0x121/0x290 net/ipv4/inet_fragment.c:304
inet_frag_put ./include/net/inet_frag.h:133
nf_ct_frag6_gather+0x1125/0x38b0 net/ipv6/netfilter/nf_conntrack_reasm.c:617
ipv6_defrag+0x21b/0x350 net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:68
nf_hook_entry_hookfn ./include/linux/netfilter.h:102
nf_hook_slow+0xc3/0x290 net/netfilter/core.c:310
nf_hook ./include/linux/netfilter.h:212
__ip6_local_out+0x52c/0xaf0 net/ipv6/output_core.c:160
ip6_local_out+0x2d/0x170 net/ipv6/output_core.c:170
ip6_send_skb+0xa1/0x340 net/ipv6/ip6_output.c:1722
ip6_push_pending_frames+0xb3/0xe0 net/ipv6/ip6_output.c:1742
rawv6_push_pending_frames net/ipv6/raw.c:613
rawv6_sendmsg+0x2cff/0x4130 net/ipv6/raw.c:927
inet_sendmsg+0x164/0x5b0 net/ipv4/af_inet.c:744
sock_sendmsg_nosec net/socket.c:635
sock_sendmsg+0xca/0x110 net/socket.c:645
sock_write_iter+0x326/0x620 net/socket.c:848
new_sync_write fs/read_write.c:499
__vfs_write+0x483/0x760 fs/read_write.c:512
vfs_write+0x187/0x530 fs/read_write.c:560
SYSC_write fs/read_write.c:607
SyS_write+0xfb/0x230 fs/read_write.c:599
entry_SYSCALL_64_fastpath+0x1f/0xc2 arch/x86/entry/entry_64.S:203
RIP: 0033:0x7ff26e6f5b79
RSP: 002b:00007ff268e0ed98 EFLAGS: 00000206 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007ff268e0f9c0 RCX: 00007ff26e6f5b79
RDX: 0000000000000010 RSI: 0000000020f50fe1 RDI: 0000000000000003
RBP: 00007ff26ebc1220 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007ff268e0f9c0 R14: 00007ff26efec040 R15: 0000000000000003
The buggy address belongs to the object at ffff880062da0000
which belongs to the cache RAWv6 of size 1504
The buggy address ffff880062da0060 is located 96 bytes inside
of 1504-byte region [ffff880062da0000, ffff880062da05e0)
Freed by task 4113:
save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57
save_stack+0x43/0xd0 mm/kasan/kasan.c:502
set_track mm/kasan/kasan.c:514
kasan_slab_free+0x73/0xc0 mm/kasan/kasan.c:578
slab_free_hook mm/slub.c:1352
slab_free_freelist_hook mm/slub.c:1374
slab_free mm/slub.c:2951
kmem_cache_free+0xb2/0x2c0 mm/slub.c:2973
sk_prot_free net/core/sock.c:1377
__sk_destruct+0x49c/0x6e0 net/core/sock.c:1452
sk_destruct+0x47/0x80 net/core/sock.c:1460
__sk_free+0x57/0x230 net/core/sock.c:1468
sk_free+0x23/0x30 net/core/sock.c:1479
sock_put ./include/net/sock.h:1638
sk_common_release+0x31e/0x4e0 net/core/sock.c:2782
rawv6_close+0x54/0x80 net/ipv6/raw.c:1214
inet_release+0xed/0x1c0 net/ipv4/af_inet.c:425
inet6_release+0x50/0x70 net/ipv6/af_inet6.c:431
sock_release+0x8d/0x1e0 net/socket.c:599
sock_close+0x16/0x20 net/socket.c:1063
__fput+0x332/0x7f0 fs/file_table.c:208
____fput+0x15/0x20 fs/file_table.c:244
task_work_run+0x19b/0x270 kernel/task_work.c:116
exit_task_work ./include/linux/task_work.h:21
do_exit+0x186b/0x2800 kernel/exit.c:839
do_group_exit+0x149/0x420 kernel/exit.c:943
SYSC_exit_group kernel/exit.c:954
SyS_exit_group+0x1d/0x20 kernel/exit.c:952
entry_SYSCALL_64_fastpath+0x1f/0xc2 arch/x86/entry/entry_64.S:203
Allocated by task 4115:
save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57
save_stack+0x43/0xd0 mm/kasan/kasan.c:502
set_track mm/kasan/kasan.c:514
kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:605
kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:544
slab_post_alloc_hook mm/slab.h:432
slab_alloc_node mm/slub.c:2708
slab_alloc mm/slub.c:2716
kmem_cache_alloc+0x1af/0x250 mm/slub.c:2721
sk_prot_alloc+0x65/0x2a0 net/core/sock.c:1334
sk_alloc+0x105/0x1010 net/core/sock.c:1396
inet6_create+0x44d/0x1150 net/ipv6/af_inet6.c:183
__sock_create+0x4f6/0x880 net/socket.c:1199
sock_create net/socket.c:1239
SYSC_socket net/socket.c:1269
SyS_socket+0xf9/0x230 net/socket.c:1249
entry_SYSCALL_64_fastpath+0x1f/0xc2 arch/x86/entry/entry_64.S:203
Memory state around the buggy address:
ffff880062d9ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ffff880062d9ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff880062da0000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff880062da0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff880062da0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
Reported-by: Andrey Konovalov <andreyknvl at google.com>
Signed-off-by: Eric Dumazet <edumazet at google.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
This patch is a bugfix, and will be progressively backported to earlier
kernels. If it is backported to any kernel 4.5 through 4.10, then users
use that updated kernel with the OVS kernel module prior to this patch, it
could cause a crash. The compat code here resolves such issues.
Upstream: 48cac18ecf1d ("ipv6: orphan skbs in reassembly unit")
Signed-off-by: Joe Stringer <joe at ovn.org>
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 09b26ccb230b5727306e7e72b340cbc624fdff80
https://github.com/openvswitch/ovs/commit/09b26ccb230b5727306e7e72b340cbc624fdff80
Author: Peter Downs <padowns at gmail.com>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M AUTHORS.rst
M datapath/actions.c
Log Message:
-----------
datapath: actions: fixed a brace coding style warning.
Upstream commit:
openvswitch: actions: fixed a brace coding style warning
Fixed a brace coding style warning reported by checkpatch.pl
Signed-off-by: Peter Downs <padowns at gmail.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: f1304f7ba398 ("openvswitch: actions: fixed a brace coding style warning")
Signed-off-by: Joe Stringer <joe at ovn.org>
Signed-off-by: Andy Zhou <azhou at ovn.org>
Commit: 5c54ca4c8ea4d31e965288face51a0aa753c5958
https://github.com/openvswitch/ovs/commit/5c54ca4c8ea4d31e965288face51a0aa753c5958
Author: Or Gerlitz <ogerlitz at mellanox.com>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M AUTHORS.rst
M datapath/flow_netlink.c
Log Message:
-----------
datapath: net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
Upstream commit:
net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
When dealing with ipv6 source tunnel key address attribute
(OVS_TUNNEL_KEY_ATTR_IPV6_SRC) we are wrongly setting the tunnel
dst ip, fix that.
Fixes: 6b26ba3a7d95 ('openvswitch: netlink attributes for IPv6 tunneling')
Signed-off-by: Or Gerlitz <ogerlitz at mellanox.com>
Reported-by: Paul Blakey <paulb at mellanox.com>
Acked-by: Jiri Benc <jbenc at redhat.com>
Acked-by: Joe Stringer <joe at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 3d20f1f7bd575 ("net/openvswitch: Set the ipv6 source tunnel key address attribute correctly")
Fixes: 8a2d4905a00f ("datapath: Add support for IPv6 tunnels.")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 5d728d315ec2b07bff3bbb625b9f1d4607d7ddfb
https://github.com/openvswitch/ovs/commit/5d728d315ec2b07bff3bbb625b9f1d4607d7ddfb
Author: Kris Murphy <kriskend at linux.vnet.ibm.com>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M AUTHORS.rst
M datapath/flow_netlink.c
Log Message:
-----------
datapath: openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
Added a case for OVS_TUNNEL_KEY_ATTR_PAD to the switch statement
in ip_tun_from_nlattr in order to prevent the default case
returning an error.
Fixes: b46f6ded906e ("libnl: nla_put_be64(): align on a 64-bit area")
Signed-off-by: Kris Murphy <kriskend at linux.vnet.ibm.com>
Acked-by: Joe Stringer <joe at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 8f3dbfd79ed9("openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD")
Fixes: f34648187b03 ("datapath: backport: libnl: nla_put_be64(): align
on a 64-bit area")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 615fa7ba65102e78cbe7082be6ac67c306e31860
https://github.com/openvswitch/ovs/commit/615fa7ba65102e78cbe7082be6ac67c306e31860
Author: Andy Zhou <azhou at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/actions.c
Log Message:
-----------
datapath: openvswitch: Deferred fifo API change.
Upstream commit:
openvswitch: Deferred fifo API change.
add_deferred_actions() API currently requires actions to be passed in
as a fully encoded netlink message. So far both 'sample' and 'recirc'
actions happens to carry actions as fully encoded netlink messages.
However, this requirement is more restrictive than necessary, future
patch will need to pass in action lists that are not fully encoded
by themselves.
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Acked-by: Pravin B Shelar <pshelar at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 47c697aa2d07 ("openvswitch: Deferred fifo API change.")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 58afdef14e3e966cd82c0b1fe3ff7666f1923847
https://github.com/openvswitch/ovs/commit/58afdef14e3e966cd82c0b1fe3ff7666f1923847
Author: Andy Zhou <azhou at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/actions.c
Log Message:
-----------
datapath: openvswitch: Refactor recirc key allocation.
Upstream commit:
openvswitch: Refactor recirc key allocation.
The logic of allocating and copy key for each 'exec_actions_level'
was specific to execute_recirc(). However, future patches will reuse
as well. Refactor the logic into its own function clone_key().
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Pravin B Shelar <pshelar at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 4572ef52a00b ("openvswitch: Refactor recirc key allocation.")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: 7d9595e3516256e5839fb2ded5f8b787ca8e4dcb
https://github.com/openvswitch/ovs/commit/7d9595e3516256e5839fb2ded5f8b787ca8e4dcb
Author: Andy Zhou <azhou at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/actions.c
M datapath/datapath.h
M datapath/flow_netlink.c
M datapath/linux/compat/include/linux/kernel.h
M datapath/linux/compat/include/linux/openvswitch.h
Log Message:
-----------
datapath: openvswitch: Optimize sample action for the clone use cases
Upstream commit:
openvswitch: Optimize sample action for the clone use cases
With the introduction of open flow 'clone' action, the OVS user space
can now translate the 'clone' action into kernel datapath 'sample'
action, with 100% probability, to ensure that the clone semantics,
which is that the packet seen by the clone action is the same as the
packet seen by the action after clone, is faithfully carried out
in the datapath.
While the sample action in the datpath has the matching semantics,
its implementation is only optimized for its original use.
Specifically, there are two limitation: First, there is a 3 level of
nesting restriction, enforced at the flow downloading time. This
limit turns out to be too restrictive for the 'clone' use case.
Second, the implementation avoid recursive call only if the sample
action list has a single userspace action.
The main optimization implemented in this series removes the static
nesting limit check, instead, implement the run time recursion limit
check, and recursion avoidance similar to that of the 'recirc' action.
This optimization solve both #1 and #2 issues above.
One related optimization attempts to avoid copying flow key as
long as the actions enclosed does not change the flow key. The
detection is performed only once at the flow downloading time.
Another related optimization is to rewrite the action list
at flow downloading time in order to save the fast path from parsing
the sample action list in its original form repeatedly.
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Pravin B Shelar <pshelar at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: 798c166173ff ("openvswitch: Optimize sample action for the clone use cases")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Commit: d4004f8dbb0def2f93ede77d8b8cf718e6e675ef
https://github.com/openvswitch/ovs/commit/d4004f8dbb0def2f93ede77d8b8cf718e6e675ef
Author: Andy Zhou <azhou at ovn.org>
Date: 2017-04-19 (Wed, 19 Apr 2017)
Changed paths:
M datapath/actions.c
Log Message:
-----------
datapath: Openvswitch: Refactor sample and recirc actions implementation
Upstream commit:
Openvswitch: Refactor sample and recirc actions implementation
Added clone_execute() that both the sample and the recirc
action implementation can use.
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Pravin B Shelar <pshelar at ovn.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Upstream: bef7f7567a10 ("Openvswitch: Refactor sample and recirc actions implementation")
Signed-off-by: Andy Zhou <azhou at ovn.org>
Acked-by: Joe Stringer <joe at ovn.org>
Compare: https://github.com/openvswitch/ovs/compare/76c62d19fe81...d4004f8dbb0d
More information about the git
mailing list