Home Home > GIT Browse > SLE12-SP4-AZURE
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2019-02-20 12:35:52 +0100
committerTakashi Iwai <tiwai@suse.de>2019-02-20 12:35:53 +0100
commite1eeeb69fbd7b699bcbbfc53605018725d936b22 (patch)
treef12292dccaf70c9a6d14ed65a3b8b97ee2783a94
parent81c9fa16e4d0f052d9a86090739cc105e8f17b67 (diff)
openvswitch: fix the incorrect flow action alloc size
(bsc#1051510).
-rw-r--r--patches.fixes/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch86
-rw-r--r--series.conf1
2 files changed, 87 insertions, 0 deletions
diff --git a/patches.fixes/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch b/patches.fixes/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch
new file mode 100644
index 0000000000..b7444d4595
--- /dev/null
+++ b/patches.fixes/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch
@@ -0,0 +1,86 @@
+From 67c8d22a73128ff910e2287567132530abcf5b71 Mon Sep 17 00:00:00 2001
+From: zhangliping <zhangliping02@baidu.com>
+Date: Sat, 25 Nov 2017 22:02:12 +0800
+Subject: [PATCH] openvswitch: fix the incorrect flow action alloc size
+Git-commit: 67c8d22a73128ff910e2287567132530abcf5b71
+Patch-mainline: v4.15-rc2
+References: bsc#1051510
+
+If we want to add a datapath flow, which has more than 500 vxlan outputs'
+action, we will get the following error reports:
+ openvswitch: netlink: Flow action size 32832 bytes exceeds max
+ openvswitch: netlink: Flow action size 32832 bytes exceeds max
+ openvswitch: netlink: Actions may not be safe on all matching packets
+ ... ...
+
+It seems that we can simply enlarge the MAX_ACTIONS_BUFSIZE to fix it, but
+this is not the root cause. For example, for a vxlan output action, we need
+about 60 bytes for the nlattr, but after it is converted to the flow
+action, it only occupies 24 bytes. This means that we can still support
+more than 1000 vxlan output actions for a single datapath flow under the
+the current 32k max limitation.
+
+So even if the nla_len(attr) is larger than MAX_ACTIONS_BUFSIZE, we
+shouldn't report EINVAL and keep it move on, as the judgement can be
+done by the reserve_sfa_size.
+
+Signed-off-by: zhangliping <zhangliping02@baidu.com>
+Acked-by: Pravin B Shelar <pshelar@ovn.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Acked-by: Takashi Iwai <tiwai@suse.de>
+
+---
+ net/openvswitch/flow_netlink.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
+index dc424798ba6f..624ea74353dd 100644
+--- a/net/openvswitch/flow_netlink.c
++++ b/net/openvswitch/flow_netlink.c
+@@ -2241,14 +2241,11 @@ int ovs_nla_put_mask(const struct sw_flow *flow, struct sk_buff *skb)
+
+ #define MAX_ACTIONS_BUFSIZE (32 * 1024)
+
+-static struct sw_flow_actions *nla_alloc_flow_actions(int size, bool log)
++static struct sw_flow_actions *nla_alloc_flow_actions(int size)
+ {
+ struct sw_flow_actions *sfa;
+
+- if (size > MAX_ACTIONS_BUFSIZE) {
+- OVS_NLERR(log, "Flow action size %u bytes exceeds max", size);
+- return ERR_PTR(-EINVAL);
+- }
++ WARN_ON_ONCE(size > MAX_ACTIONS_BUFSIZE);
+
+ sfa = kmalloc(sizeof(*sfa) + size, GFP_KERNEL);
+ if (!sfa)
+@@ -2321,12 +2318,15 @@ static struct nlattr *reserve_sfa_size(struct sw_flow_actions **sfa,
+ new_acts_size = ksize(*sfa) * 2;
+
+ if (new_acts_size > MAX_ACTIONS_BUFSIZE) {
+- if ((MAX_ACTIONS_BUFSIZE - next_offset) < req_size)
++ if ((MAX_ACTIONS_BUFSIZE - next_offset) < req_size) {
++ OVS_NLERR(log, "Flow action size exceeds max %u",
++ MAX_ACTIONS_BUFSIZE);
+ return ERR_PTR(-EMSGSIZE);
++ }
+ new_acts_size = MAX_ACTIONS_BUFSIZE;
+ }
+
+- acts = nla_alloc_flow_actions(new_acts_size, log);
++ acts = nla_alloc_flow_actions(new_acts_size);
+ if (IS_ERR(acts))
+ return (void *)acts;
+
+@@ -3059,7 +3059,7 @@ int ovs_nla_copy_actions(struct net *net, const struct nlattr *attr,
+ {
+ int err;
+
+- *sfa = nla_alloc_flow_actions(nla_len(attr), log);
++ *sfa = nla_alloc_flow_actions(min(nla_len(attr), MAX_ACTIONS_BUFSIZE));
+ if (IS_ERR(*sfa))
+ return PTR_ERR(*sfa);
+
+--
+2.16.4
+
diff --git a/series.conf b/series.conf
index a52abee5f4..6d09635e36 100644
--- a/series.conf
+++ b/series.conf
@@ -10428,6 +10428,7 @@
patches.fixes/crypto-skcipher-Fix-skcipher_walk_aead_common
patches.drivers/net-thunderx-Fix-TCP-UDP-checksum-offload-for-IPv6-p.patch
patches.fixes/net-openvswitch-datapath-fix-data-type-in-queue_gso_.patch
+ patches.fixes/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch
patches.fixes/sctp-set-sender-next_tsn-for-the-old-result-with-cts.patch
patches.drivers/mac80211-use-QoS-NDP-for-AP-probing
patches.drivers/mac80211-fix-the-update-of-path-metric-for-RANN-fram