Received: by 10.223.176.46 with SMTP id f43csp281141wra; Tue, 23 Jan 2018 20:59:17 -0800 (PST) X-Google-Smtp-Source: AH8x226pOzTmlzC+eZJelGoMS9iKUi3YxE06DSubvpmwE4QXiYqf+6EOuQtD5C8FdWTi+6g+JmKC X-Received: by 10.98.74.20 with SMTP id x20mr12038393pfa.191.1516769957078; Tue, 23 Jan 2018 20:59:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516769957; cv=none; d=google.com; s=arc-20160816; b=0ishwV9zW6UnDzwIx3f6pDaA62Bc+svbkRHWeFNMQSdkNsjESA6s8HNhlG4pvL4QrG 0nhMRbzmDwEJIz13H8fwrzs/XIxtGrDNL8FSuLhm6RVfpbqFNubdqBWxNdwGJV6/nkbE VPIsoTyRyO2XzsTHQvfCpZphzVSIN/fOVBdqp/TYwcD3FpyG3DJrFoh34vEG+5U1GYFa B3WybB3GjBpetmzMMYFEDC4IyaXvYo4umYZaUP8dbMTj8utcuzbfxzdu2N5E+RBGsT0D haLspASwLwhpf9RnbvN2hz14lrnQ/rMR0aXagNtTW7mZjekVCZz7a46kv9laQw8M+5ty MCJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :spamdiagnosticmetadata:spamdiagnosticoutput:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=PJzh0yipWRIZ6ptpGDP5L3zUYOg1TMzDPpAQTXvmUYc=; b=ASrdaEzTJihjytEbP7hwOMaeKtJ0rhxdyuBrZu9rPRgU+dmWZhBnH4kCv3k2QlutGv WYe7LerZWZw0lUAgN6mgX+oqSHsR/Swx8f3peUIIddQd3WavUIGTknZ6T60/a12AqPYX ulMytMG0I/GgctTeC5ST7KbWZK6U8c0UOR7G7PkA4KL/a1dfpXJtDEJov5eSI5+vVy8Z ubbUl0c/ZvjRF1fsUR0SOw+gCQtbBhU95AFyCAxHQH95GtQk0B3cgvSo+Nxp+l90csiq SU9tTljm7qcxXiLB7HeaCMmrRjNN+h/95J+FhhwYILTCQ+TXRyoc1VzFETiRbb6QKfIq qB/Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=HNnRM82n; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i90-v6si3879526pli.676.2018.01.23.20.59.03; Tue, 23 Jan 2018 20:59:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=HNnRM82n; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932555AbeAXE6J (ORCPT + 99 others); Tue, 23 Jan 2018 23:58:09 -0500 Received: from mail-sn1nam01on0111.outbound.protection.outlook.com ([104.47.32.111]:45037 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752824AbeAXEPR (ORCPT ); Tue, 23 Jan 2018 23:15:17 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=PJzh0yipWRIZ6ptpGDP5L3zUYOg1TMzDPpAQTXvmUYc=; b=HNnRM82nB5zfk8jrmJG64ZdMF05t3QhECUVcRv9+tU5oSFL3gDpT4ou/Ts6dkUHAY25fooawBxBgsgPsEwS0liz5WU/R+RJAYDDUMPHeZ7yZAnKql5Qrx6d8lKwHlgLVOUKEZwQMN0ylSRtdTF/IJOi70P2UAWffaT5ZlRaigP4= Received: from DM5PR2101MB1032.namprd21.prod.outlook.com (52.132.128.13) by DM5PR2101MB0998.namprd21.prod.outlook.com (52.132.133.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.464.0; Wed, 24 Jan 2018 04:15:12 +0000 Received: from DM5PR2101MB1032.namprd21.prod.outlook.com ([fe80::6485:b98:d15e:9da7]) by DM5PR2101MB1032.namprd21.prod.outlook.com ([fe80::6485:b98:d15e:9da7%2]) with mapi id 15.20.0464.000; Wed, 24 Jan 2018 04:15:12 +0000 From: Sasha Levin To: "linux-kernel@vger.kernel.org" , "stable@vger.kernel.org" CC: zhangliping , "David S . Miller" , Sasha Levin Subject: [PATCH AUTOSEL for 4.14 038/100] openvswitch: fix the incorrect flow action alloc size Thread-Topic: [PATCH AUTOSEL for 4.14 038/100] openvswitch: fix the incorrect flow action alloc size Thread-Index: AQHTlMnc5Bl5r3nOX0aoCpGKuUVUwQ== Date: Wed, 24 Jan 2018 04:14:42 +0000 Message-ID: <20180124041414.32065-38-alexander.levin@microsoft.com> References: <20180124041414.32065-1-alexander.levin@microsoft.com> In-Reply-To: <20180124041414.32065-1-alexander.levin@microsoft.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [52.168.54.252] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;DM5PR2101MB0998;7:Dh+5rrxx8YxTfATS0szWOSYCwa6ZluAmKr+k+psQjA/iVpUUTBRsswc5tgVLeOhQGrF8JnWJ8O1j3clBX0LmaAXkZ/VYg2UX/kQZMU2tJaIIIjWQWVqz4KuxqWpmVla/UYux643TfcnLkclKCyKibT0Sj1kbe2tCW9GFOlEw8E3d9ci8BsM5/yyWVynBPRjEkBqwcEG0yiZl5Iit1jGblNMGO9/1DSwXe6Kd6R+WDDMyHD/qw63GEbQvXg0guvWI x-ms-office365-filtering-correlation-id: 8f1decf4-ea5f-47db-ae6e-08d562e11043 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(2017052603307)(7193020);SRVR:DM5PR2101MB0998; x-ms-traffictypediagnostic: DM5PR2101MB0998: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(28532068793085)(20558992708506)(89211679590171)(210246017326159); x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(61425038)(6040501)(2401047)(8121501046)(5005006)(93006095)(93001095)(3231046)(2400081)(944501161)(10201501046)(3002001)(6055026)(61426038)(61427038)(6041288)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011);SRVR:DM5PR2101MB0998;BCL:0;PCL:0;RULEID:;SRVR:DM5PR2101MB0998; x-forefront-prvs: 056297E276 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(366004)(39380400002)(346002)(39860400002)(396003)(376002)(199004)(189003)(14454004)(3660700001)(6346003)(10290500003)(105586002)(66066001)(6506007)(8676002)(22452003)(86612001)(54906003)(10090500001)(81166006)(81156014)(76176011)(110136005)(86362001)(68736007)(106356001)(8936002)(3280700002)(36756003)(25786009)(107886003)(2501003)(6666003)(99286004)(2906002)(26005)(2950100002)(72206003)(102836004)(305945005)(6116002)(3846002)(5660300001)(4326008)(478600001)(316002)(53936002)(97736004)(2900100001)(5250100002)(6512007)(6436002)(6486002)(1076002)(7736002)(22906009)(217873001);DIR:OUT;SFP:1102;SCL:1;SRVR:DM5PR2101MB0998;H:DM5PR2101MB1032.namprd21.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Alexander.Levin@microsoft.com; x-microsoft-antispam-message-info: nW+1e220Heuqw3ZJsd6eQ2yR1/UGlwYz30S5FJdAtgPhF24/z9ciUfLaeS/LSOifL02wemmgPwTDgQAODeBUKg== spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8f1decf4-ea5f-47db-ae6e-08d562e11043 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2018 04:14:42.8889 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR2101MB0998 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: zhangliping [ Upstream commit 67c8d22a73128ff910e2287567132530abcf5b71 ] If we want to add a datapath flow, which has more than 500 vxlan outputs' action, we will get the following error reports: openvswitch: netlink: Flow action size 32832 bytes exceeds max openvswitch: netlink: Flow action size 32832 bytes exceeds max openvswitch: netlink: Actions may not be safe on all matching packets ... ... It seems that we can simply enlarge the MAX_ACTIONS_BUFSIZE to fix it, but this is not the root cause. For example, for a vxlan output action, we need about 60 bytes for the nlattr, but after it is converted to the flow action, it only occupies 24 bytes. This means that we can still support more than 1000 vxlan output actions for a single datapath flow under the the current 32k max limitation. So even if the nla_len(attr) is larger than MAX_ACTIONS_BUFSIZE, we shouldn't report EINVAL and keep it move on, as the judgement can be done by the reserve_sfa_size. Signed-off-by: zhangliping Acked-by: Pravin B Shelar Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- net/openvswitch/flow_netlink.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.= c index e8eb427ce6d1..0d9f6afa266c 100644 --- a/net/openvswitch/flow_netlink.c +++ b/net/openvswitch/flow_netlink.c @@ -1903,14 +1903,11 @@ int ovs_nla_put_mask(const struct sw_flow *flow, st= ruct sk_buff *skb) =20 #define MAX_ACTIONS_BUFSIZE (32 * 1024) =20 -static struct sw_flow_actions *nla_alloc_flow_actions(int size, bool log) +static struct sw_flow_actions *nla_alloc_flow_actions(int size) { struct sw_flow_actions *sfa; =20 - if (size > MAX_ACTIONS_BUFSIZE) { - OVS_NLERR(log, "Flow action size %u bytes exceeds max", size); - return ERR_PTR(-EINVAL); - } + WARN_ON_ONCE(size > MAX_ACTIONS_BUFSIZE); =20 sfa =3D kmalloc(sizeof(*sfa) + size, GFP_KERNEL); if (!sfa) @@ -1983,12 +1980,15 @@ static struct nlattr *reserve_sfa_size(struct sw_fl= ow_actions **sfa, new_acts_size =3D ksize(*sfa) * 2; =20 if (new_acts_size > MAX_ACTIONS_BUFSIZE) { - if ((MAX_ACTIONS_BUFSIZE - next_offset) < req_size) + if ((MAX_ACTIONS_BUFSIZE - next_offset) < req_size) { + OVS_NLERR(log, "Flow action size exceeds max %u", + MAX_ACTIONS_BUFSIZE); return ERR_PTR(-EMSGSIZE); + } new_acts_size =3D MAX_ACTIONS_BUFSIZE; } =20 - acts =3D nla_alloc_flow_actions(new_acts_size, log); + acts =3D nla_alloc_flow_actions(new_acts_size); if (IS_ERR(acts)) return (void *)acts; =20 @@ -2660,7 +2660,7 @@ int ovs_nla_copy_actions(struct net *net, const struc= t nlattr *attr, { int err; =20 - *sfa =3D nla_alloc_flow_actions(nla_len(attr), log); + *sfa =3D nla_alloc_flow_actions(min(nla_len(attr), MAX_ACTIONS_BUFSIZE)); if (IS_ERR(*sfa)) return PTR_ERR(*sfa); =20 --=20 2.11.0