• Song Liu's avatar
    bpf: test_bpf: add init_net to dev for flow_dissector · 10081193
    Song Liu authored
    Latest changes in __skb_flow_dissect() assume skb->dev has valid nd_net.
    However, this is not true for test_bpf. As a result, test_bpf.ko crashes
    the system with the following stack trace:
    
    [ 1133.716622] BUG: unable to handle kernel paging request at 0000000000001030
    [ 1133.716623] PGD 8000001fbf7ee067
    [ 1133.716624] P4D 8000001fbf7ee067
    [ 1133.716624] PUD 1f6c1cf067
    [ 1133.716625] PMD 0
    [ 1133.716628] Oops: 0000 [#1] SMP PTI
    [ 1133.716630] CPU: 7 PID: 40473 Comm: modprobe Kdump: loaded Not tainted 4.19.0-rc5-00805-gca11cc92ccd2 #1167
    [ 1133.716631] Hardware name: Wiwynn Leopard-Orv2/Leopard-DDR BW, BIOS LBM12.5 12/06/2017
    [ 1133.716638] RIP: 0010:__skb_flow_dissect+0x83/0x1680
    [ 1133.716639] Code: 04 00 00 41 0f b7 44 24 04 48 85 db 4d 8d 14 07 0f 84 01 02 00 00 48 8b 43 10 48 85 c0 0f 84 e5 01 00 00 48 8b 80 a8 04 00 00 <48> 8b 90 30 10 00 00 48 85 d2 0f 84 dd 01 00 00 31 c0 b9 05 00 00
    [ 1133.716640] RSP: 0018:ffffc900303c7a80 EFLAGS: 00010282
    [ 1133.716642] RAX: 0000000000000000 RBX: ffff881fea0b7400 RCX: 0000000000000000
    [ 1133.716643] RDX: ffffc900303c7bb4 RSI: ffffffff8235c3e0 RDI: ffff881fea0b7400
    [ 1133.716643] RBP: ffffc900303c7b80 R08: 0000000000000000 R09: 000000000000000e
    [ 1133.716644] R10: ffffc900303c7bb4 R11: ffff881fb6840400 R12: ffffffff8235c3e0
    [ 1133.716645] R13: 0000000000000008 R14: 000000000000001e R15: ffffc900303c7bb4
    [ 1133.716646] FS:  00007f54e75d3740(0000) GS:ffff881fff5c0000(0000) knlGS:0000000000000000
    [ 1133.716648] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [ 1133.716649] CR2: 0000000000001030 CR3: 0000001f6c226005 CR4: 00000000003606e0
    [ 1133.716649] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
    [ 1133.716650] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
    [ 1133.716651] Call Trace:
    [ 1133.716660]  ? sched_clock_cpu+0xc/0xa0
    [ 1133.716662]  ? sched_clock_cpu+0xc/0xa0
    [ 1133.716665]  ? log_store+0x1b5/0x260
    [ 1133.716667]  ? up+0x12/0x60
    [ 1133.716669]  ? skb_get_poff+0x4b/0xa0
    [ 1133.716674]  ? __kmalloc_reserve.isra.47+0x2e/0x80
    [ 1133.716675]  skb_get_poff+0x4b/0xa0
    [ 1133.716680]  bpf_skb_get_pay_offset+0xa/0x10
    [ 1133.716686]  ? test_bpf_init+0x578/0x1000 [test_bpf]
    [ 1133.716690]  ? netlink_broadcast_filtered+0x153/0x3d0
    [ 1133.716695]  ? free_pcppages_bulk+0x324/0x600
    [ 1133.716696]  ? 0xffffffffa0279000
    [ 1133.716699]  ? do_one_initcall+0x46/0x1bd
    [ 1133.716704]  ? kmem_cache_alloc_trace+0x144/0x1a0
    [ 1133.716709]  ? do_init_module+0x5b/0x209
    [ 1133.716712]  ? load_module+0x2136/0x25d0
    [ 1133.716715]  ? __do_sys_finit_module+0xba/0xe0
    [ 1133.716717]  ? __do_sys_finit_module+0xba/0xe0
    [ 1133.716719]  ? do_syscall_64+0x48/0x100
    [ 1133.716724]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
    
    This patch fixes tes_bpf by using init_net in the dummy dev.
    
    Fixes: d58e468b ("flow_dissector: implements flow dissector BPF hook")
    Reported-by: 's avatarEric Dumazet <edumazet@google.com>
    Cc: Willem de Bruijn <willemb@google.com>
    Cc: Petar Penkov <ppenkov@google.com>
    Signed-off-by: 's avatarSong Liu <songliubraving@fb.com>
    Reviewed-by: 's avatarEric Dumazet <edumazet@google.com>
    Acked-by: 's avatarWillem de Bruijn <willemb@google.com>
    Signed-off-by: 's avatarDaniel Borkmann <daniel@iogearbox.net>
    10081193
test_bpf.c 159 KB