Jesper Dangaard Brouer ad0ab027fc xdp: fix bug in cpumap teardown code path
When removing a cpumap entry, a number of synchronization steps happen.
Eventually the teardown code __cpu_map_entry_free is invoked from/via
call_rcu.

The teardown code __cpu_map_entry_free() flushes remaining xdp_frames,
by invoking bq_flush_to_queue, which calls xdp_return_frame_rx_napi().
The issue is that the teardown code is not running in the RX NAPI
code path.  Thus, it is not allowed to invoke the NAPI variant of
xdp_return_frame.

This bug was found and triggered by using the --stress-mode option to
the samples/bpf program xdp_redirect_cpu.  It is hard to trigger,
because the ptr_ring has to be full and cpumap bulk queue max
contains 8 packets, and a remote CPU is racing to empty the ptr_ring
queue.

Fixes: 389ab7f01af9 ("xdp: introduce xdp_return_frame_rx_napi")
Tested-by: Jean-Tsung Hsiao <jhsiao@redhat.com>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-08-09 21:50:44 +02:00