Merge branch 'mlxsw-Fix-ACL-actions-error-condition-handling'

Ido Schimmel says:

====================
mlxsw: Fix ACL actions error condition handling

Nir says:

Two issues were lately noticed within mlxsw ACL actions error condition
handling. The first patch deals with conflicting actions such as:

 # tc filter add dev swp49 parent ffff: \
   protocol ip pref 10 flower skip_sw dst_ip 192.168.101.1 \
   action goto chain 100 \
   action mirred egress redirect dev swp4

The second action will never execute, however SW model allows this
configuration, while the mlxsw driver cannot allow for it as it
implements actions in sets of up to three actions per set with a single
termination marking. Conflicting actions create a contradiction over
this single marking and thus cannot be configured. The fix replaces a
misplaced warning with an error code to be returned.

Patches 2-4 fix a condition of duplicate destruction of resources. Some
actions require allocation of specific resource prior to setting the
action itself. On error condition this resource was destroyed twice,
leading to a crash when using mirror action, and to a redundant
destruction in other cases, since for error condition rule destruction
also takes care of resource destruction. In order to fix this state a
symmetry in behavior is added and resource destruction also takes care
of removing the resource from rule's resource list.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2018-08-03 12:28:02 -07:00
commit 60a01828f3
1 changed files with 29 additions and 22 deletions

View File

@ -327,12 +327,16 @@ static void mlxsw_afa_resource_add(struct mlxsw_afa_block *block,
list_add(&resource->list, &block->resource_list); list_add(&resource->list, &block->resource_list);
} }
static void mlxsw_afa_resource_del(struct mlxsw_afa_resource *resource)
{
list_del(&resource->list);
}
static void mlxsw_afa_resources_destroy(struct mlxsw_afa_block *block) static void mlxsw_afa_resources_destroy(struct mlxsw_afa_block *block)
{ {
struct mlxsw_afa_resource *resource, *tmp; struct mlxsw_afa_resource *resource, *tmp;
list_for_each_entry_safe(resource, tmp, &block->resource_list, list) { list_for_each_entry_safe(resource, tmp, &block->resource_list, list) {
list_del(&resource->list);
resource->destructor(block, resource); resource->destructor(block, resource);
} }
} }
@ -530,6 +534,7 @@ static void
mlxsw_afa_fwd_entry_ref_destroy(struct mlxsw_afa_block *block, mlxsw_afa_fwd_entry_ref_destroy(struct mlxsw_afa_block *block,
struct mlxsw_afa_fwd_entry_ref *fwd_entry_ref) struct mlxsw_afa_fwd_entry_ref *fwd_entry_ref)
{ {
mlxsw_afa_resource_del(&fwd_entry_ref->resource);
mlxsw_afa_fwd_entry_put(block->afa, fwd_entry_ref->fwd_entry); mlxsw_afa_fwd_entry_put(block->afa, fwd_entry_ref->fwd_entry);
kfree(fwd_entry_ref); kfree(fwd_entry_ref);
} }
@ -579,6 +584,7 @@ static void
mlxsw_afa_counter_destroy(struct mlxsw_afa_block *block, mlxsw_afa_counter_destroy(struct mlxsw_afa_block *block,
struct mlxsw_afa_counter *counter) struct mlxsw_afa_counter *counter)
{ {
mlxsw_afa_resource_del(&counter->resource);
block->afa->ops->counter_index_put(block->afa->ops_priv, block->afa->ops->counter_index_put(block->afa->ops_priv,
counter->counter_index); counter->counter_index);
kfree(counter); kfree(counter);
@ -626,8 +632,8 @@ static char *mlxsw_afa_block_append_action(struct mlxsw_afa_block *block,
char *oneact; char *oneact;
char *actions; char *actions;
if (WARN_ON(block->finished)) if (block->finished)
return NULL; return ERR_PTR(-EINVAL);
if (block->cur_act_index + action_size > if (block->cur_act_index + action_size >
block->afa->max_acts_per_set) { block->afa->max_acts_per_set) {
struct mlxsw_afa_set *set; struct mlxsw_afa_set *set;
@ -637,7 +643,7 @@ static char *mlxsw_afa_block_append_action(struct mlxsw_afa_block *block,
*/ */
set = mlxsw_afa_set_create(false); set = mlxsw_afa_set_create(false);
if (!set) if (!set)
return NULL; return ERR_PTR(-ENOBUFS);
set->prev = block->cur_set; set->prev = block->cur_set;
block->cur_act_index = 0; block->cur_act_index = 0;
block->cur_set->next = set; block->cur_set->next = set;
@ -724,8 +730,8 @@ int mlxsw_afa_block_append_vlan_modify(struct mlxsw_afa_block *block,
MLXSW_AFA_VLAN_CODE, MLXSW_AFA_VLAN_CODE,
MLXSW_AFA_VLAN_SIZE); MLXSW_AFA_VLAN_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_vlan_pack(act, MLXSW_AFA_VLAN_VLAN_TAG_CMD_NOP, mlxsw_afa_vlan_pack(act, MLXSW_AFA_VLAN_VLAN_TAG_CMD_NOP,
MLXSW_AFA_VLAN_CMD_SET_OUTER, vid, MLXSW_AFA_VLAN_CMD_SET_OUTER, vid,
MLXSW_AFA_VLAN_CMD_SET_OUTER, pcp, MLXSW_AFA_VLAN_CMD_SET_OUTER, pcp,
@ -806,8 +812,8 @@ int mlxsw_afa_block_append_drop(struct mlxsw_afa_block *block)
MLXSW_AFA_TRAPDISC_CODE, MLXSW_AFA_TRAPDISC_CODE,
MLXSW_AFA_TRAPDISC_SIZE); MLXSW_AFA_TRAPDISC_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_NOP, mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_NOP,
MLXSW_AFA_TRAPDISC_FORWARD_ACTION_DISCARD, 0); MLXSW_AFA_TRAPDISC_FORWARD_ACTION_DISCARD, 0);
return 0; return 0;
@ -820,8 +826,8 @@ int mlxsw_afa_block_append_trap(struct mlxsw_afa_block *block, u16 trap_id)
MLXSW_AFA_TRAPDISC_CODE, MLXSW_AFA_TRAPDISC_CODE,
MLXSW_AFA_TRAPDISC_SIZE); MLXSW_AFA_TRAPDISC_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_TRAP, mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_TRAP,
MLXSW_AFA_TRAPDISC_FORWARD_ACTION_DISCARD, MLXSW_AFA_TRAPDISC_FORWARD_ACTION_DISCARD,
trap_id); trap_id);
@ -836,8 +842,8 @@ int mlxsw_afa_block_append_trap_and_forward(struct mlxsw_afa_block *block,
MLXSW_AFA_TRAPDISC_CODE, MLXSW_AFA_TRAPDISC_CODE,
MLXSW_AFA_TRAPDISC_SIZE); MLXSW_AFA_TRAPDISC_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_TRAP, mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_TRAP,
MLXSW_AFA_TRAPDISC_FORWARD_ACTION_FORWARD, MLXSW_AFA_TRAPDISC_FORWARD_ACTION_FORWARD,
trap_id); trap_id);
@ -856,6 +862,7 @@ static void
mlxsw_afa_mirror_destroy(struct mlxsw_afa_block *block, mlxsw_afa_mirror_destroy(struct mlxsw_afa_block *block,
struct mlxsw_afa_mirror *mirror) struct mlxsw_afa_mirror *mirror)
{ {
mlxsw_afa_resource_del(&mirror->resource);
block->afa->ops->mirror_del(block->afa->ops_priv, block->afa->ops->mirror_del(block->afa->ops_priv,
mirror->local_in_port, mirror->local_in_port,
mirror->span_id, mirror->span_id,
@ -908,8 +915,8 @@ mlxsw_afa_block_append_allocated_mirror(struct mlxsw_afa_block *block,
char *act = mlxsw_afa_block_append_action(block, char *act = mlxsw_afa_block_append_action(block,
MLXSW_AFA_TRAPDISC_CODE, MLXSW_AFA_TRAPDISC_CODE,
MLXSW_AFA_TRAPDISC_SIZE); MLXSW_AFA_TRAPDISC_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_NOP, mlxsw_afa_trapdisc_pack(act, MLXSW_AFA_TRAPDISC_TRAP_ACTION_NOP,
MLXSW_AFA_TRAPDISC_FORWARD_ACTION_FORWARD, 0); MLXSW_AFA_TRAPDISC_FORWARD_ACTION_FORWARD, 0);
mlxsw_afa_trapdisc_mirror_pack(act, true, mirror_agent); mlxsw_afa_trapdisc_mirror_pack(act, true, mirror_agent);
@ -996,8 +1003,8 @@ int mlxsw_afa_block_append_fwd(struct mlxsw_afa_block *block,
act = mlxsw_afa_block_append_action(block, MLXSW_AFA_FORWARD_CODE, act = mlxsw_afa_block_append_action(block, MLXSW_AFA_FORWARD_CODE,
MLXSW_AFA_FORWARD_SIZE); MLXSW_AFA_FORWARD_SIZE);
if (!act) { if (IS_ERR(act)) {
err = -ENOBUFS; err = PTR_ERR(act);
goto err_append_action; goto err_append_action;
} }
mlxsw_afa_forward_pack(act, MLXSW_AFA_FORWARD_TYPE_PBS, mlxsw_afa_forward_pack(act, MLXSW_AFA_FORWARD_TYPE_PBS,
@ -1052,8 +1059,8 @@ int mlxsw_afa_block_append_allocated_counter(struct mlxsw_afa_block *block,
{ {
char *act = mlxsw_afa_block_append_action(block, MLXSW_AFA_POLCNT_CODE, char *act = mlxsw_afa_block_append_action(block, MLXSW_AFA_POLCNT_CODE,
MLXSW_AFA_POLCNT_SIZE); MLXSW_AFA_POLCNT_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_polcnt_pack(act, MLXSW_AFA_POLCNT_COUNTER_SET_TYPE_PACKETS_BYTES, mlxsw_afa_polcnt_pack(act, MLXSW_AFA_POLCNT_COUNTER_SET_TYPE_PACKETS_BYTES,
counter_index); counter_index);
return 0; return 0;
@ -1123,8 +1130,8 @@ int mlxsw_afa_block_append_fid_set(struct mlxsw_afa_block *block, u16 fid)
char *act = mlxsw_afa_block_append_action(block, char *act = mlxsw_afa_block_append_action(block,
MLXSW_AFA_VIRFWD_CODE, MLXSW_AFA_VIRFWD_CODE,
MLXSW_AFA_VIRFWD_SIZE); MLXSW_AFA_VIRFWD_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_virfwd_pack(act, MLXSW_AFA_VIRFWD_FID_CMD_SET, fid); mlxsw_afa_virfwd_pack(act, MLXSW_AFA_VIRFWD_FID_CMD_SET, fid);
return 0; return 0;
} }
@ -1193,8 +1200,8 @@ int mlxsw_afa_block_append_mcrouter(struct mlxsw_afa_block *block,
char *act = mlxsw_afa_block_append_action(block, char *act = mlxsw_afa_block_append_action(block,
MLXSW_AFA_MCROUTER_CODE, MLXSW_AFA_MCROUTER_CODE,
MLXSW_AFA_MCROUTER_SIZE); MLXSW_AFA_MCROUTER_SIZE);
if (!act) if (IS_ERR(act))
return -ENOBUFS; return PTR_ERR(act);
mlxsw_afa_mcrouter_pack(act, MLXSW_AFA_MCROUTER_RPF_ACTION_TRAP, mlxsw_afa_mcrouter_pack(act, MLXSW_AFA_MCROUTER_RPF_ACTION_TRAP,
expected_irif, min_mtu, rmid_valid, kvdl_index); expected_irif, min_mtu, rmid_valid, kvdl_index);
return 0; return 0;