首页 发现 帮助
登录
GfA
/
linux_kernel
5
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

openvswitch: Avoid assigning a NULL pointer to flow actions.

Flow SET can accept an empty set of actions, with the intended
semantics of leaving existing actions unmodified.  This seems to have
been brokin after OVS 1.7, as we have assigned the flow's actions
pointer to NULL in this case, but we never check for the NULL pointer
later on.  This patch restores the intended behavior and documents it
in the include/linux/openvswitch.h.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Jarno Rajahalme 11 年之前
父节点
1139e241ec
当前提交
be52c9e96a
共有 2 个文件被更改,包括 11 次插入7 次删除
合并视图 显示文件统计
  1. 3 1
      include/uapi/linux/openvswitch.h
  2. 8 6
      net/openvswitch/datapath.c

+ 3 - 1
include/uapi/linux/openvswitch.h
查看文件 

@@ -395,7 +395,9 @@ struct ovs_key_nd {
 
  * @OVS_FLOW_ATTR_ACTIONS: Nested %OVS_ACTION_ATTR_* attributes specifying
 
  * @OVS_FLOW_ATTR_ACTIONS: Nested %OVS_ACTION_ATTR_* attributes specifying
 
  * the actions to take for packets that match the key.  Always present in
 
  * the actions to take for packets that match the key.  Always present in
 
  * notifications.  Required for %OVS_FLOW_CMD_NEW requests, optional for
 
  * notifications.  Required for %OVS_FLOW_CMD_NEW requests, optional for
 
- * %OVS_FLOW_CMD_SET requests.
 
+ * %OVS_FLOW_CMD_SET requests.  An %OVS_FLOW_CMD_SET without
 
+ * %OVS_FLOW_ATTR_ACTIONS will not modify the actions.  To clear the actions,
 
+ * an %OVS_FLOW_ATTR_ACTIONS without any nested attributes must be given.
 
  * @OVS_FLOW_ATTR_STATS: &struct ovs_flow_stats giving statistics for this
 
  * @OVS_FLOW_ATTR_STATS: &struct ovs_flow_stats giving statistics for this
 
  * flow.  Present in notifications if the stats would be nonzero.  Ignored in
 
  * flow.  Present in notifications if the stats would be nonzero.  Ignored in
 
  * requests.
 
  * requests.

+ 8 - 6
net/openvswitch/datapath.c
查看文件 

@@ -810,6 +810,7 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
 
 			goto err_kfree;
 
 			goto err_kfree;
 
 		}
 
 		}
 
 	} else if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW) {
 
 	} else if (info->genlhdr->cmd == OVS_FLOW_CMD_NEW) {
 
+		/* OVS_FLOW_CMD_NEW must have actions. */
 
 		error = -EINVAL;
 
 		error = -EINVAL;
 
 		goto error;
 
 		goto error;
 
 	}
 
 	}
 
@@ -849,8 +850,6 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
 
 		reply = ovs_flow_cmd_build_info(flow, dp, info, OVS_FLOW_CMD_NEW);
 
 		reply = ovs_flow_cmd_build_info(flow, dp, info, OVS_FLOW_CMD_NEW);
 
 	} else {
 
 	} else {
 
 		/* We found a matching flow. */
 
 		/* We found a matching flow. */
 
-		struct sw_flow_actions *old_acts;
 
-
 
 		/* Bail out if we're not allowed to modify an existing flow.
 
 		/* Bail out if we're not allowed to modify an existing flow.
 
 		 * We accept NLM_F_CREATE in place of the intended NLM_F_EXCL
 
 		 * We accept NLM_F_CREATE in place of the intended NLM_F_EXCL
 
 		 * because Generic Netlink treats the latter as a dump
 
 		 * because Generic Netlink treats the latter as a dump
 
@@ -866,11 +865,14 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
 
 		if (!ovs_flow_cmp_unmasked_key(flow, &match))
 
 		if (!ovs_flow_cmp_unmasked_key(flow, &match))
 
 			goto err_unlock_ovs;
 
 			goto err_unlock_ovs;
 
 
 
-		/* Update actions. */
 
-		old_acts = ovsl_dereference(flow->sf_acts);
 
-		rcu_assign_pointer(flow->sf_acts, acts);
 
-		ovs_nla_free_flow_actions(old_acts);
 
+		/* Update actions, if present. */
 
+		if (acts) {
 
+			struct sw_flow_actions *old_acts;
 
 
 
+			old_acts = ovsl_dereference(flow->sf_acts);
 
+			rcu_assign_pointer(flow->sf_acts, acts);
 
+			ovs_nla_free_flow_actions(old_acts);
 
+		}
 
 		reply = ovs_flow_cmd_build_info(flow, dp, info, OVS_FLOW_CMD_NEW);
 
 		reply = ovs_flow_cmd_build_info(flow, dp, info, OVS_FLOW_CMD_NEW);
 
 
 
 		/* Clear stats. */
 
 		/* Clear stats. */