mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-09 22:50:41 +00:00
net: sched: unlock rules update API
Register netlink protocol handlers for message types RTM_NEWTFILTER, RTM_DELTFILTER, RTM_GETTFILTER as unlocked. Set rtnl_held variable that tracks rtnl mutex state to be false by default. Introduce tcf_proto_is_unlocked() helper that is used to check tcf_proto_ops->flag to determine if ops can be called without taking rtnl lock. Manually lookup Qdisc, class and block in rule update handlers. Verify that both Qdisc ops and proto ops are unlocked before using any of their callbacks, and obtain rtnl lock otherwise. Signed-off-by: Vlad Buslov <vladbu@mellanox.com> Acked-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
18d3eefb17
commit
470502de5b
@ -163,6 +163,23 @@ static inline u32 tcf_auto_prio(struct tcf_proto *tp)
|
|||||||
return TC_H_MAJ(first);
|
return TC_H_MAJ(first);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool tcf_proto_is_unlocked(const char *kind)
|
||||||
|
{
|
||||||
|
const struct tcf_proto_ops *ops;
|
||||||
|
bool ret;
|
||||||
|
|
||||||
|
ops = tcf_proto_lookup_ops(kind, false, NULL);
|
||||||
|
/* On error return false to take rtnl lock. Proto lookup/create
|
||||||
|
* functions will perform lookup again and properly handle errors.
|
||||||
|
*/
|
||||||
|
if (IS_ERR(ops))
|
||||||
|
return false;
|
||||||
|
|
||||||
|
ret = !!(ops->flags & TCF_PROTO_OPS_DOIT_UNLOCKED);
|
||||||
|
module_put(ops->owner);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static struct tcf_proto *tcf_proto_create(const char *kind, u32 protocol,
|
static struct tcf_proto *tcf_proto_create(const char *kind, u32 protocol,
|
||||||
u32 prio, struct tcf_chain *chain,
|
u32 prio, struct tcf_chain *chain,
|
||||||
bool rtnl_held,
|
bool rtnl_held,
|
||||||
@ -1312,8 +1329,12 @@ static void tcf_block_release(struct Qdisc *q, struct tcf_block *block,
|
|||||||
if (!IS_ERR_OR_NULL(block))
|
if (!IS_ERR_OR_NULL(block))
|
||||||
tcf_block_refcnt_put(block, rtnl_held);
|
tcf_block_refcnt_put(block, rtnl_held);
|
||||||
|
|
||||||
if (q)
|
if (q) {
|
||||||
qdisc_put(q);
|
if (rtnl_held)
|
||||||
|
qdisc_put(q);
|
||||||
|
else
|
||||||
|
qdisc_put_unlocked(q);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
struct tcf_block_owner_item {
|
struct tcf_block_owner_item {
|
||||||
@ -1966,7 +1987,7 @@ static int tc_new_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
|
|||||||
void *fh;
|
void *fh;
|
||||||
int err;
|
int err;
|
||||||
int tp_created;
|
int tp_created;
|
||||||
bool rtnl_held = true;
|
bool rtnl_held = false;
|
||||||
|
|
||||||
if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
|
if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
@ -1985,6 +2006,7 @@ replay:
|
|||||||
parent = t->tcm_parent;
|
parent = t->tcm_parent;
|
||||||
tp = NULL;
|
tp = NULL;
|
||||||
cl = 0;
|
cl = 0;
|
||||||
|
block = NULL;
|
||||||
|
|
||||||
if (prio == 0) {
|
if (prio == 0) {
|
||||||
/* If no priority is provided by the user,
|
/* If no priority is provided by the user,
|
||||||
@ -2001,8 +2023,27 @@ replay:
|
|||||||
|
|
||||||
/* Find head of filter chain. */
|
/* Find head of filter chain. */
|
||||||
|
|
||||||
block = tcf_block_find(net, &q, &parent, &cl,
|
err = __tcf_qdisc_find(net, &q, &parent, t->tcm_ifindex, false, extack);
|
||||||
t->tcm_ifindex, t->tcm_block_index, extack);
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
/* Take rtnl mutex if rtnl_held was set to true on previous iteration,
|
||||||
|
* block is shared (no qdisc found), qdisc is not unlocked, classifier
|
||||||
|
* type is not specified, classifier is not unlocked.
|
||||||
|
*/
|
||||||
|
if (rtnl_held ||
|
||||||
|
(q && !(q->ops->cl_ops->flags & QDISC_CLASS_OPS_DOIT_UNLOCKED)) ||
|
||||||
|
!tca[TCA_KIND] || !tcf_proto_is_unlocked(nla_data(tca[TCA_KIND]))) {
|
||||||
|
rtnl_held = true;
|
||||||
|
rtnl_lock();
|
||||||
|
}
|
||||||
|
|
||||||
|
err = __tcf_qdisc_cl_find(q, parent, &cl, t->tcm_ifindex, extack);
|
||||||
|
if (err)
|
||||||
|
goto errout;
|
||||||
|
|
||||||
|
block = __tcf_block_find(net, q, cl, t->tcm_ifindex, t->tcm_block_index,
|
||||||
|
extack);
|
||||||
if (IS_ERR(block)) {
|
if (IS_ERR(block)) {
|
||||||
err = PTR_ERR(block);
|
err = PTR_ERR(block);
|
||||||
goto errout;
|
goto errout;
|
||||||
@ -2123,9 +2164,18 @@ errout_tp:
|
|||||||
tcf_chain_put(chain);
|
tcf_chain_put(chain);
|
||||||
}
|
}
|
||||||
tcf_block_release(q, block, rtnl_held);
|
tcf_block_release(q, block, rtnl_held);
|
||||||
if (err == -EAGAIN)
|
|
||||||
|
if (rtnl_held)
|
||||||
|
rtnl_unlock();
|
||||||
|
|
||||||
|
if (err == -EAGAIN) {
|
||||||
|
/* Take rtnl lock in case EAGAIN is caused by concurrent flush
|
||||||
|
* of target chain.
|
||||||
|
*/
|
||||||
|
rtnl_held = true;
|
||||||
/* Replay the request. */
|
/* Replay the request. */
|
||||||
goto replay;
|
goto replay;
|
||||||
|
}
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
errout_locked:
|
errout_locked:
|
||||||
@ -2146,12 +2196,12 @@ static int tc_del_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
|
|||||||
struct Qdisc *q = NULL;
|
struct Qdisc *q = NULL;
|
||||||
struct tcf_chain_info chain_info;
|
struct tcf_chain_info chain_info;
|
||||||
struct tcf_chain *chain = NULL;
|
struct tcf_chain *chain = NULL;
|
||||||
struct tcf_block *block;
|
struct tcf_block *block = NULL;
|
||||||
struct tcf_proto *tp = NULL;
|
struct tcf_proto *tp = NULL;
|
||||||
unsigned long cl = 0;
|
unsigned long cl = 0;
|
||||||
void *fh = NULL;
|
void *fh = NULL;
|
||||||
int err;
|
int err;
|
||||||
bool rtnl_held = true;
|
bool rtnl_held = false;
|
||||||
|
|
||||||
if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
|
if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
@ -2172,8 +2222,27 @@ static int tc_del_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
|
|||||||
|
|
||||||
/* Find head of filter chain. */
|
/* Find head of filter chain. */
|
||||||
|
|
||||||
block = tcf_block_find(net, &q, &parent, &cl,
|
err = __tcf_qdisc_find(net, &q, &parent, t->tcm_ifindex, false, extack);
|
||||||
t->tcm_ifindex, t->tcm_block_index, extack);
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
/* Take rtnl mutex if flushing whole chain, block is shared (no qdisc
|
||||||
|
* found), qdisc is not unlocked, classifier type is not specified,
|
||||||
|
* classifier is not unlocked.
|
||||||
|
*/
|
||||||
|
if (!prio ||
|
||||||
|
(q && !(q->ops->cl_ops->flags & QDISC_CLASS_OPS_DOIT_UNLOCKED)) ||
|
||||||
|
!tca[TCA_KIND] || !tcf_proto_is_unlocked(nla_data(tca[TCA_KIND]))) {
|
||||||
|
rtnl_held = true;
|
||||||
|
rtnl_lock();
|
||||||
|
}
|
||||||
|
|
||||||
|
err = __tcf_qdisc_cl_find(q, parent, &cl, t->tcm_ifindex, extack);
|
||||||
|
if (err)
|
||||||
|
goto errout;
|
||||||
|
|
||||||
|
block = __tcf_block_find(net, q, cl, t->tcm_ifindex, t->tcm_block_index,
|
||||||
|
extack);
|
||||||
if (IS_ERR(block)) {
|
if (IS_ERR(block)) {
|
||||||
err = PTR_ERR(block);
|
err = PTR_ERR(block);
|
||||||
goto errout;
|
goto errout;
|
||||||
@ -2255,6 +2324,10 @@ errout:
|
|||||||
tcf_chain_put(chain);
|
tcf_chain_put(chain);
|
||||||
}
|
}
|
||||||
tcf_block_release(q, block, rtnl_held);
|
tcf_block_release(q, block, rtnl_held);
|
||||||
|
|
||||||
|
if (rtnl_held)
|
||||||
|
rtnl_unlock();
|
||||||
|
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
errout_locked:
|
errout_locked:
|
||||||
@ -2275,12 +2348,12 @@ static int tc_get_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
|
|||||||
struct Qdisc *q = NULL;
|
struct Qdisc *q = NULL;
|
||||||
struct tcf_chain_info chain_info;
|
struct tcf_chain_info chain_info;
|
||||||
struct tcf_chain *chain = NULL;
|
struct tcf_chain *chain = NULL;
|
||||||
struct tcf_block *block;
|
struct tcf_block *block = NULL;
|
||||||
struct tcf_proto *tp = NULL;
|
struct tcf_proto *tp = NULL;
|
||||||
unsigned long cl = 0;
|
unsigned long cl = 0;
|
||||||
void *fh = NULL;
|
void *fh = NULL;
|
||||||
int err;
|
int err;
|
||||||
bool rtnl_held = true;
|
bool rtnl_held = false;
|
||||||
|
|
||||||
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack);
|
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
@ -2298,8 +2371,26 @@ static int tc_get_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
|
|||||||
|
|
||||||
/* Find head of filter chain. */
|
/* Find head of filter chain. */
|
||||||
|
|
||||||
block = tcf_block_find(net, &q, &parent, &cl,
|
err = __tcf_qdisc_find(net, &q, &parent, t->tcm_ifindex, false, extack);
|
||||||
t->tcm_ifindex, t->tcm_block_index, extack);
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
/* Take rtnl mutex if block is shared (no qdisc found), qdisc is not
|
||||||
|
* unlocked, classifier type is not specified, classifier is not
|
||||||
|
* unlocked.
|
||||||
|
*/
|
||||||
|
if ((q && !(q->ops->cl_ops->flags & QDISC_CLASS_OPS_DOIT_UNLOCKED)) ||
|
||||||
|
!tca[TCA_KIND] || !tcf_proto_is_unlocked(nla_data(tca[TCA_KIND]))) {
|
||||||
|
rtnl_held = true;
|
||||||
|
rtnl_lock();
|
||||||
|
}
|
||||||
|
|
||||||
|
err = __tcf_qdisc_cl_find(q, parent, &cl, t->tcm_ifindex, extack);
|
||||||
|
if (err)
|
||||||
|
goto errout;
|
||||||
|
|
||||||
|
block = __tcf_block_find(net, q, cl, t->tcm_ifindex, t->tcm_block_index,
|
||||||
|
extack);
|
||||||
if (IS_ERR(block)) {
|
if (IS_ERR(block)) {
|
||||||
err = PTR_ERR(block);
|
err = PTR_ERR(block);
|
||||||
goto errout;
|
goto errout;
|
||||||
@ -2352,6 +2443,10 @@ errout:
|
|||||||
tcf_chain_put(chain);
|
tcf_chain_put(chain);
|
||||||
}
|
}
|
||||||
tcf_block_release(q, block, rtnl_held);
|
tcf_block_release(q, block, rtnl_held);
|
||||||
|
|
||||||
|
if (rtnl_held)
|
||||||
|
rtnl_unlock();
|
||||||
|
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3214,10 +3309,12 @@ static int __init tc_filter_init(void)
|
|||||||
if (err)
|
if (err)
|
||||||
goto err_rhash_setup_block_ht;
|
goto err_rhash_setup_block_ht;
|
||||||
|
|
||||||
rtnl_register(PF_UNSPEC, RTM_NEWTFILTER, tc_new_tfilter, NULL, 0);
|
rtnl_register(PF_UNSPEC, RTM_NEWTFILTER, tc_new_tfilter, NULL,
|
||||||
rtnl_register(PF_UNSPEC, RTM_DELTFILTER, tc_del_tfilter, NULL, 0);
|
RTNL_FLAG_DOIT_UNLOCKED);
|
||||||
|
rtnl_register(PF_UNSPEC, RTM_DELTFILTER, tc_del_tfilter, NULL,
|
||||||
|
RTNL_FLAG_DOIT_UNLOCKED);
|
||||||
rtnl_register(PF_UNSPEC, RTM_GETTFILTER, tc_get_tfilter,
|
rtnl_register(PF_UNSPEC, RTM_GETTFILTER, tc_get_tfilter,
|
||||||
tc_dump_tfilter, 0);
|
tc_dump_tfilter, RTNL_FLAG_DOIT_UNLOCKED);
|
||||||
rtnl_register(PF_UNSPEC, RTM_NEWCHAIN, tc_ctl_chain, NULL, 0);
|
rtnl_register(PF_UNSPEC, RTM_NEWCHAIN, tc_ctl_chain, NULL, 0);
|
||||||
rtnl_register(PF_UNSPEC, RTM_DELCHAIN, tc_ctl_chain, NULL, 0);
|
rtnl_register(PF_UNSPEC, RTM_DELCHAIN, tc_ctl_chain, NULL, 0);
|
||||||
rtnl_register(PF_UNSPEC, RTM_GETCHAIN, tc_ctl_chain,
|
rtnl_register(PF_UNSPEC, RTM_GETCHAIN, tc_ctl_chain,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user