Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp1411302ybb; Thu, 9 Apr 2020 01:20:56 -0700 (PDT) X-Google-Smtp-Source: APiQypIWFWn5AoPPQUIL3RgAZkaJQhl0BuPK3OuTbk4X/BBjG+hrw8zG0XEZy+oIzuiuLUwH2k5O X-Received: by 2002:aca:34c6:: with SMTP id b189mr5317246oia.63.1586420456469; Thu, 09 Apr 2020 01:20:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586420456; cv=none; d=google.com; s=arc-20160816; b=gkWqs1QTCFemWIfPkyO8yDnwt0WRtcwsxqERd26opr9oz1AP9C4om0+FAbV1jeYEaS rijgD4vvtwBNkJnSkSiJb/6aateLv1m9M9krleLrtUfdLQJrzI0OXjgSTDP5A4B6E859 5GV3Rgy+aU3L5AmekYHQrz57w9QDKHDJKBxcxB8can1eF3TOlj12jVw+rhNgK6mmLl1C X89UHsA15jG5blu4LOXw2qkyGsXAU8vql2Cj8mPJvDwCI0yUaVq4Sy6jxsBHQz/k3UgP V+Jcc8gt5Y7/NEvjvkxtt6xfjNJn38tPp7aOKe4Ap0rGpY4o9myChjgk4QgieLkci4lx qL2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:cc:references:to :subject; bh=wB0B78jOH9z1DsqM979WfF2eTg0l2KHm0Wm6cXIXafE=; b=kCzg5wfHh5ppkaHAhINCW+nMrqVIG7PSRIGuUBry8GflBT9k2vmCunr8r3WYWugKux leWqhgA1oDGmM5M/ELBFtYyzTg9g6FIQFieL7/uJ46kjA/Fwl8jwnqgu63zxenK2SEzj 4mhNWVmnmEssrFMiSgWjS81+n6JRk0IDRSasgkMCDOX6vzGhafNvia5zR18IjzkBMrIe 3U6pQcEpdu6MK2aaUVoIMBKED9+4ZX0i9jLk2cgIshLTwWztJOjtvrKunFoaRX5UUYZ+ S3qWalo1NgMMTI1esdbjPaFiSHtI+NNhm56sog8B3XLPzIGhWjP2jjLW6g14sJ6ij9bv 5P1w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w81si3461614oia.48.2020.04.09.01.20.42; Thu, 09 Apr 2020 01:20:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726622AbgDIITx (ORCPT + 99 others); Thu, 9 Apr 2020 04:19:53 -0400 Received: from szxga07-in.huawei.com ([45.249.212.35]:41934 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726574AbgDIITw (ORCPT ); Thu, 9 Apr 2020 04:19:52 -0400 Received: from DGGEMS408-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id 8225558B6D2409B32471; Thu, 9 Apr 2020 16:19:43 +0800 (CST) Received: from [127.0.0.1] (10.173.223.234) by DGGEMS408-HUB.china.huawei.com (10.3.19.208) with Microsoft SMTP Server id 14.3.487.0; Thu, 9 Apr 2020 16:19:38 +0800 Subject: Re: [PATCH net-next] xfrm: policy: Remove obsolete WARN while xfrm policy inserting To: Steffen Klassert References: <20200327123443.12408-1-yuehaibing@huawei.com> <20200328112302.GA13121@gauss3.secunet.de> <1d3596fb-c7e3-16c9-f48f-fe58e9a2569a@huawei.com> <20200406090327.GF13121@gauss3.secunet.de> CC: , , , , From: Yuehaibing Message-ID: Date: Thu, 9 Apr 2020 16:19:37 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <20200406090327.GF13121@gauss3.secunet.de> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [10.173.223.234] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/4/6 17:03, Steffen Klassert wrote: > On Mon, Mar 30, 2020 at 10:05:32PM +0800, Yuehaibing wrote: >> On 2020/3/28 19:23, Steffen Klassert wrote: >>> On Fri, Mar 27, 2020 at 08:34:43PM +0800, YueHaibing wrote: >>>> Since commit 7cb8a93968e3 ("xfrm: Allow inserting policies with matching >>>> mark and different priorities"), we allow duplicate policies with >>>> different priority, this WARN is not needed any more. >>> >>> Can you please describe a bit more detailed why this warning >>> can't trigger anymore? >> >> No, this warning is triggered while detect a duplicate entry in the policy list >> >> regardless of the priority. If we insert policy like this: >> >> policy A (mark.v = 3475289, mark.m = 0, priority = 1) //A is inserted >> policy B (mark.v = 0, mark.m = 0, priority = 0) //B is inserted >> policy C (mark.v = 3475289, mark.m = 0, priority = 0) //C is inserted and B is deleted > > The codepath that replaces a policy by another should just trigger > on policy updates (XFRM_MSG_UPDPOLICY). Is that the case in your > test? Yes, this is triggered by XFRM_MSG_UPDPOLICY > > It should not be possible to add policy C with XFRM_MSG_NEWPOLICY > as long as you have policy B inserted. > > The update replaces an old policy by a new one, the lookup keys of > the old policy must match the lookup keys of the new one. But policy > B has not the same lookup keys as C, the mark is different. So B should > not be replaced with C. 1436 static bool xfrm_policy_mark_match(struct xfrm_policy *policy, 1437 struct xfrm_policy *pol) 1438 { 1439 u32 mark = policy->mark.v & policy->mark.m; 1440 1441 if (policy->mark.v == pol->mark.v && policy->mark.m == pol->mark.m) 1442 return true; 1443 1444 if ((mark & pol->mark.m) == pol->mark.v && //policy is C, pol is B, so mark is 0, pol->mark.m is 0, pol->mark.v is 0 1445 policy->priority == pol->priority) //priority is same zero, so return true, B is replaced with C 1446 return true; 1447 1448 return false; 1449 } Should xfrm_policy_mark_match be fixed? > >> policy D (mark.v = 3475289, mark.m = 0, priority = 1) >> >> while finding delpol in xfrm_policy_insert_list, >> first round delpol is matched C, whose priority is less than D, so contiue the loop, >> then A is matched, WARN_ON is triggered. It seems the WARN is useless. > > Looks like the warning is usefull, it found a bug. > > > . >