Received: by 2002:a05:6358:701b:b0:131:369:b2a3 with SMTP id 27csp396179rwo; Fri, 21 Jul 2023 13:45:32 -0700 (PDT) X-Google-Smtp-Source: APBJJlEbYLE5bjOKY9HZ3t0WA5pG9pZXqvXJQvalz3AqEyRvG5MQSB/36ADemHZyU0n2KnCLsH5V X-Received: by 2002:a05:6a20:548c:b0:12d:5196:65ff with SMTP id i12-20020a056a20548c00b0012d519665ffmr3543170pzk.31.1689972331662; Fri, 21 Jul 2023 13:45:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689972331; cv=none; d=google.com; s=arc-20160816; b=G7BtGFuYyXQLliebwzkx3LHQKDkGSJ5Mk76xmWENEQLRoR+tgj9Afl6Dl3kuxGTyI4 HfD3ubU4s9XHfPQzRcJFp/rxZ4te6J+LOqb43KXMRlNBbCXA6nmhvRomnxAMVG0obqYt xw6I30lFwbxrRWkxVGSLvCXH2ANLTZ9RCd56FgHgbdl37SBqBM+i90p6dceb+I98oCom jL61Z+yLmZiBtz2ZogIGITOI7Vt23o9zzX/pnloH4qkRhzKra+pW8nT/Oim066eMZRXe qqbVVB7Z/ruqnq6XjBt6CsFvg21KZmh7BvQLlwjmpw6U/ldbfYYzzNXdvIItKFeMKFqG iMNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=UIxSERX8/T0QhMA41PxgSILvKp1Mo/d3t7SIbHJ30FM=; fh=obOQjmd2u8s/FZ6CknXarxXPq13uQLBgaTERxcjsfDI=; b=Dd80CjPuPMPtqimn/ijlQCOU5lKwNKCL+Tm/Qw1Zdp+lo1niuvp+P/JQGp8UqLHfzG Emju5AQ/3lrQWlFoh09VmDPwkICnnqYFBQuTouDvrRqKC8L3kNL052yN2MRVhAnazOjA 9r/ppDYsi/ruT2Jf+T8nUNgjOfNHQhYo5MeOeBLf+cTPaSquxS3+qngt43hojGIegMWI aQoL3yrraOdAnYxIVXlkqmbSHZhDEB3CrmK9BzynpFQypXLO8/EHLCQs1nzwwFZESqG/ X0/N2Ol7PUiRzTJxMcmAKuIVG5x8/wF6R3fHYBwa1Pn6pD84wDZt2LWCXs6mK2kyrwCf 36Lg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@dxuuu.xyz header.s=fm2 header.b=t48KOEps; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=DNcO38MF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j12-20020a170903024c00b001b8af930e3dsi3933679plh.487.2023.07.21.13.45.19; Fri, 21 Jul 2023 13:45:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@dxuuu.xyz header.s=fm2 header.b=t48KOEps; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=DNcO38MF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229652AbjGUUDn (ORCPT + 99 others); Fri, 21 Jul 2023 16:03:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33830 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229476AbjGUUDl (ORCPT ); Fri, 21 Jul 2023 16:03:41 -0400 Received: from wnew4-smtp.messagingengine.com (wnew4-smtp.messagingengine.com [64.147.123.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 529A1272C; Fri, 21 Jul 2023 13:03:39 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailnew.west.internal (Postfix) with ESMTP id 1D99E2B00169; Fri, 21 Jul 2023 16:03:34 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Fri, 21 Jul 2023 16:03:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dxuuu.xyz; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1689969813; x=1689977013; bh=UI xSERX8/T0QhMA41PxgSILvKp1Mo/d3t7SIbHJ30FM=; b=t48KOEps/vCcAI7DxH mMtvIueAxN1ZU4cTbiqPu1lCCyFdy83iX7cSuiW88Rc/iGJjZo5VKLVtSJkgKBYT 2gKdzkEb3EBc8wuTXV/RPO5XwcJDdYBURiqAp2yGU8j4c5Lz0ZVOHNUiZ6qCo1Xe bL4QIktHu/2GuzJiUsP1sW9oV+CebNH3btNt8Fb4GGUBvuhEUSwKbjs+YceDLwqE wDeWeXA0k85WM4qxv11pIJCRQvCK3Mf1XOJTWSffF1UU/cwoNotj8AAu/0iGrejI CO0XX2ElBmcwyuAyuRP2xQp2YOpB4GnASkeQMgjoegqq3VaTi1ECshbJBuHLf5I+ VwUQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1689969813; x=1689977013; bh=UIxSERX8/T0Qh MA41PxgSILvKp1Mo/d3t7SIbHJ30FM=; b=DNcO38MFDJ/BX9RI1DERnK7T82652 LbDTk23wYUgeUIg8cVJRj5kaUejXv3Jh5Q55I3tJdc1z2yqXswdlGgKQoWt3KXMy ppdC7aA2v9w938C9T6DWUD3Nsjhvgs+oot/aFZ1DER+1kDTElPprs17OAxhJdBU5 9Ws2kh1VXJ21Kq3511b7+DEPf3+IAi/dslfY5laRlsNDZeDkgQUYPMrl1K8CWAiY MtQ8zxzRbcuK9/nfdktUVlWEDWNzh8J4erjzK95sNoJHeS/fEV2W5N2l3e6ZSTP7 iLVAAp7K1EXrHnNjT4yTqNyCbBVnUrfIJ0OhrAEUxiI8D+atNWOE++Thw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrhedvgddufeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne gfrhhlucfvnfffucdljedtmdenucfjughrpeffhffvvefukfhfgggtuggjsehttdfstddt tddvnecuhfhrohhmpeffrghnihgvlhcuighuuceougiguhesugiguhhuuhdrgiihiieqne cuggftrfgrthhtvghrnhepvdefkeetuddufeeigedtheefffekuedukeehudffudfffffg geeitdetgfdvhfdvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepugiguhesugiguhhuuhdrgiihii X-ME-Proxy: Feedback-ID: i6a694271:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 21 Jul 2023 16:03:30 -0400 (EDT) Date: Fri, 21 Jul 2023 14:03:29 -0600 From: Daniel Xu To: Florian Westphal Cc: daniel@iogearbox.net, kadlec@netfilter.org, ast@kernel.org, pablo@netfilter.org, kuba@kernel.org, davem@davemloft.net, andrii@kernel.org, edumazet@google.com, pabeni@redhat.com, alexei.starovoitov@gmail.com, martin.lau@linux.dev, song@kernel.org, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, dsahern@kernel.org Subject: Re: [PATCH bpf-next v5 2/5] netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link Message-ID: References: <690a1b09db84547b0f0c73654df3f4950f1262b7.1689884827.git.dxu@dxuuu.xyz> <20230720231904.GA31372@breakpoint.cc> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230720231904.GA31372@breakpoint.cc> X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jul 21, 2023 at 01:19:04AM +0200, Florian Westphal wrote: > Daniel Xu wrote: > > + const struct nf_defrag_hook __maybe_unused *hook; > > + > > + switch (link->hook_ops.pf) { > > +#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV4) > > + case NFPROTO_IPV4: > > + hook = get_proto_defrag_hook(link, nf_defrag_v4_hook, "nf_defrag_ipv4"); > > + if (IS_ERR(hook)) > > + return PTR_ERR(hook); > > + > > + link->defrag_hook = hook; > > + return 0; > > +#endif > > +#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6) > > + case NFPROTO_IPV6: > > + hook = get_proto_defrag_hook(link, nf_defrag_v6_hook, "nf_defrag_ipv6"); > > + if (IS_ERR(hook)) > > + return PTR_ERR(hook); > > + > > + link->defrag_hook = hook; > > + return 0; > > +#endif > > + default: > > + return -EAFNOSUPPORT; > > + } > > +} > > + > > +static void bpf_nf_disable_defrag(struct bpf_nf_link *link) > > +{ > > + const struct nf_defrag_hook *hook = link->defrag_hook; > > + > > + if (!hook) > > + return; > > + hook->disable(link->net); > > + module_put(hook->owner); > > +} > > + > > static void bpf_nf_link_release(struct bpf_link *link) > > { > > struct bpf_nf_link *nf_link = container_of(link, struct bpf_nf_link, link); > > @@ -37,6 +119,8 @@ static void bpf_nf_link_release(struct bpf_link *link) > > */ > > if (!cmpxchg(&nf_link->dead, 0, 1)) > > nf_unregister_net_hook(nf_link->net, &nf_link->hook_ops); > > + > > + bpf_nf_disable_defrag(nf_link); > > } > > I suspect this needs to be within the cmpxchg() branch to avoid > multiple ->disable() calls. Ah, good catch. > > > + if (attr->link_create.netfilter.flags & BPF_F_NETFILTER_IP_DEFRAG) { > > + err = bpf_nf_enable_defrag(link); > > + if (err) { > > + bpf_link_cleanup(&link_primer); > > + return err; > > + } > > + } > > + > > err = nf_register_net_hook(net, &link->hook_ops); > > if (err) { > bpf_nf_disable_defrag(link); Ack. Did not see that bpf_link_cleanup() sets link->prog to NULL which disables bpf_link_ops:release() on the release codepath. > > Other than those nits this lgtm, thanks! > Thanks for reviewing! Daniel