Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp754448ybt; Wed, 8 Jul 2020 10:49:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzdzrcCGH3gDqsIgYJz+0hhPc2Sf4/A8603RlNcF/9YWGfPlMgVOCZE+Lu2TDcDV5j9s5z9 X-Received: by 2002:aa7:db06:: with SMTP id t6mr64012457eds.369.1594230544429; Wed, 08 Jul 2020 10:49:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594230544; cv=none; d=google.com; s=arc-20160816; b=Klwa6hMTxHPB3n2ietpSZUbRPgRvaeox5M45+I+AE9/9l2W7mdTgyotsZkHRBA62Cc Q+4lKwhpcInsVOX/tyEDSUMZSDYlWMHLqRLTE2f738FMmoJoVO8GfudTEZt6gtfc8/yU Euc7N4kpoUsG4JVNXO/6B/Gqegt87RU1QhZGEJomunaxgnePra2/7TUBwgVjrHPPwPoH lI2jqESDpbzEo6K4U8GlB/AOeWk6zrVtSSy8BDiWMjNhNX3pvr1qBeoZPK09znF42Zr3 jvj5JBT8ze4VBhCazWFl9mEv82r4XqzH+gtZK600l/LkRbN22cCEA8FwHcxZJact2Kaf unNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=Os4K120anUXrDwQjbfDJHVlMkw60r/Vo+SDW/vSPhzg=; b=D0r/Q9w3FrrNSjpvMuE3qvcigx0n2kkmjYmPtFboUHfhJjWEr56oNLWfyMktKpgmmG W8fF+GEZBy8HrJEDLaFYOWVuA7Q2CU2mwtuoBa3e5WMlm0bhizaWf949dZ9iwPkxXgh1 9d5Jf48bJupjGeMRLZ9uMOpBUEpKOgDE9R+JlNcXCD5VZo1mY0COLqltczuyvPTgGboh 3i1BNFUDEZ3CK9dchqHyRZ7Ytm7rMRy1+3x5Mc9mTpjXAySyZPJjrjgNxt0sBhqbu7J7 U9GnSBqlnpc3DSt+WYFXwQ/+fCMLLUp7jossxV/C6PUzzJrYkxxLipnB1/0PU9XuhpzT dW+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gJ9bHysi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i21si341158ejj.293.2020.07.08.10.48.40; Wed, 08 Jul 2020 10:49:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gJ9bHysi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728679AbgGHRrE (ORCPT + 99 others); Wed, 8 Jul 2020 13:47:04 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:57155 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727774AbgGHRqw (ORCPT ); Wed, 8 Jul 2020 13:46:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1594230411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=Os4K120anUXrDwQjbfDJHVlMkw60r/Vo+SDW/vSPhzg=; b=gJ9bHysiBrxyubPvh41PuxfrMm1ZoTQRqoKzrt7N5pAEGbMXHKlsz0b5kDdMumVG3wv5/7 ZkVHMA86P7HuCZtzLMXCtoMK8glmNuCDiZifIyTuRapOFt1jm31SNTYaP51jcTJ8bAOn1H K8joj191jRi2sRCdcEkulMFMe4MH1xo= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-139-xdu2Hyo9OcK0JA85iGKAOg-1; Wed, 08 Jul 2020 13:46:49 -0400 X-MC-Unique: xdu2Hyo9OcK0JA85iGKAOg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6F7B988C799; Wed, 8 Jul 2020 17:46:47 +0000 (UTC) Received: from hp-dl360pgen8-07.khw2.lab.eng.bos.redhat.com (hp-dl360pgen8-07.khw2.lab.eng.bos.redhat.com [10.16.210.135]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0391C5C1B2; Wed, 8 Jul 2020 17:46:42 +0000 (UTC) From: Jarod Wilson To: linux-kernel@vger.kernel.org Cc: Jarod Wilson , Huy Nguyen , Saeed Mahameed , Jay Vosburgh , Veaceslav Falico , Andy Gospodarek , "David S. Miller" , Jeff Kirsher , Jakub Kicinski , Steffen Klassert , Herbert Xu , netdev@vger.kernel.org, intel-wired-lan@lists.osuosl.org Subject: [PATCH net-next] bonding: deal with xfrm state in all modes and add more error-checking Date: Wed, 8 Jul 2020 13:46:31 -0400 Message-Id: <20200708174631.15286-1-jarod@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It's possible that device removal happens when the bond is in non-AB mode, and addition happens in AB mode, so bond_ipsec_del_sa() never gets called, which leaves security associations in an odd state if bond_ipsec_add_sa() then gets called after switching the bond into AB. Just call add and delete universally for all modes to keep things consistent. However, it's also possible that this code gets called when the system is shutting down, and the xfrm subsystem has already been disconnected from the bond device, so we need to do some error-checking and bail, lest we hit a null ptr deref. Fixes: a3b658cfb664 ("bonding: allow xfrm offload setup post-module-load") CC: Huy Nguyen CC: Saeed Mahameed CC: Jay Vosburgh CC: Veaceslav Falico CC: Andy Gospodarek CC: "David S. Miller" CC: Jeff Kirsher CC: Jakub Kicinski CC: Steffen Klassert CC: Herbert Xu CC: netdev@vger.kernel.org CC: intel-wired-lan@lists.osuosl.org Signed-off-by: Jarod Wilson --- drivers/net/bonding/bond_main.c | 39 +++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c index 2adf6ce20a38..f886d97c4359 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c @@ -383,9 +383,14 @@ static int bond_vlan_rx_kill_vid(struct net_device *bond_dev, static int bond_ipsec_add_sa(struct xfrm_state *xs) { struct net_device *bond_dev = xs->xso.dev; - struct bonding *bond = netdev_priv(bond_dev); - struct slave *slave = rtnl_dereference(bond->curr_active_slave); + struct bonding *bond; + struct slave *slave; + if (!bond_dev) + return -EINVAL; + + bond = netdev_priv(bond_dev); + slave = rtnl_dereference(bond->curr_active_slave); xs->xso.real_dev = slave->dev; bond->xs = xs; @@ -405,8 +410,14 @@ static int bond_ipsec_add_sa(struct xfrm_state *xs) static void bond_ipsec_del_sa(struct xfrm_state *xs) { struct net_device *bond_dev = xs->xso.dev; - struct bonding *bond = netdev_priv(bond_dev); - struct slave *slave = rtnl_dereference(bond->curr_active_slave); + struct bonding *bond; + struct slave *slave; + + if (!bond_dev) + return; + + bond = netdev_priv(bond_dev); + slave = rtnl_dereference(bond->curr_active_slave); if (!slave) return; @@ -960,12 +971,12 @@ void bond_change_active_slave(struct bonding *bond, struct slave *new_active) if (old_active == new_active) return; - if (new_active) { #ifdef CONFIG_XFRM_OFFLOAD - if ((BOND_MODE(bond) == BOND_MODE_ACTIVEBACKUP) && bond->xs) - bond_ipsec_del_sa(bond->xs); + if (old_active && bond->xs) + bond_ipsec_del_sa(bond->xs); #endif /* CONFIG_XFRM_OFFLOAD */ + if (new_active) { new_active->last_link_up = jiffies; if (new_active->link == BOND_LINK_BACK) { @@ -1028,13 +1039,6 @@ void bond_change_active_slave(struct bonding *bond, struct slave *new_active) bond_should_notify_peers(bond); } -#ifdef CONFIG_XFRM_OFFLOAD - if (old_active && bond->xs) { - xfrm_dev_state_flush(dev_net(bond->dev), bond->dev, true); - bond_ipsec_add_sa(bond->xs); - } -#endif /* CONFIG_XFRM_OFFLOAD */ - call_netdevice_notifiers(NETDEV_BONDING_FAILOVER, bond->dev); if (should_notify_peers) { bond->send_peer_notif--; @@ -1044,6 +1048,13 @@ void bond_change_active_slave(struct bonding *bond, struct slave *new_active) } } +#ifdef CONFIG_XFRM_OFFLOAD + if (new_active && bond->xs) { + xfrm_dev_state_flush(dev_net(bond->dev), bond->dev, true); + bond_ipsec_add_sa(bond->xs); + } +#endif /* CONFIG_XFRM_OFFLOAD */ + /* resend IGMP joins since active slave has changed or * all were sent on curr_active_slave. * resend only if bond is brought up with the affected -- 2.20.1