xdp: fix race on generic receive path (bf0bdd13) · Commits · 戴 / test

include/net/xdp_sock.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -67,6 +67,8 @@ struct xdp_sock {
		* in the SKB destructor callback.
		*/
		spinlock_t tx_completion_lock;
		/* Protects generic receive. */
		spinlock_t rx_lock;
		u64 rx_dropped;
		};

+22 −9

Original line number	Diff line number	Diff line
		@@ -129,13 +129,17 @@ int xsk_generic_rcv(struct xdp_sock xs, struct xdp_buff xdp)
		u64 addr;
		int err;

		if (xs->dev != xdp->rxq->dev \|\| xs->queue_id != xdp->rxq->queue_index)
		return -EINVAL;
		spin_lock_bh(&xs->rx_lock);

		if (xs->dev != xdp->rxq->dev \|\| xs->queue_id != xdp->rxq->queue_index) {
		err = -EINVAL;
		goto out_unlock;
		}

		if (!xskq_peek_addr(xs->umem->fq, &addr) \|\|
		len > xs->umem->chunk_size_nohr - XDP_PACKET_HEADROOM) {
		xs->rx_dropped++;
		return -ENOSPC;
		err = -ENOSPC;
		goto out_drop;
		}

		addr += xs->umem->headroom;
		@@ -144,13 +148,21 @@ int xsk_generic_rcv(struct xdp_sock xs, struct xdp_buff xdp)
		memcpy(buffer, xdp->data_meta, len + metalen);
		addr += metalen;
		err = xskq_produce_batch_desc(xs->rx, addr, len);
		if (!err) {
		if (err)
		goto out_drop;

		xskq_discard_addr(xs->umem->fq);
		xsk_flush(xs);
		xskq_produce_flush_desc(xs->rx);

		spin_unlock_bh(&xs->rx_lock);

		xs->sk.sk_data_ready(&xs->sk);
		return 0;
		}

		out_drop:
		xs->rx_dropped++;
		out_unlock:
		spin_unlock_bh(&xs->rx_lock);
		return err;
		}

		@@ -787,6 +799,7 @@ static int xsk_create(struct net net, struct socket sock, int protocol,

		xs = xdp_sk(sk);
		mutex_init(&xs->mutex);
		spin_lock_init(&xs->rx_lock);
		spin_lock_init(&xs->tx_completion_lock);

		mutex_lock(&net->xdp.lock);