freebsd-nq/sys/net/route/mpath_ctl.c
Alexander V. Chernikov aad59c79f5 Fix panic when trying to delete non-existent gateway in multipath route.
IF non-existend gateway was specified, the code responsible for calculating
 an updated nexthop group, returned the same already-used nexthop group.
After the route table update, the operation result contained the same
 old & new nexthop groups. Thus, the code responsible for decomposing
 the notification to the list of simple nexthop-level notifications,
 was not able to find any differences. As a result, it hasn't updated any
  of the "simple" notification fields, resulting in empty rtentry pointer.
This empty pointer was the direct reason of a panic.

Fix the problem by returning ESRCH when the new nexthop group is the same
 as the old one after applying gateway filter.

Reported by:	Michael <michael.adm at gmail.com>
PR:		255665
MFC after:	3 days
2021-05-07 20:41:31 +00:00

196 lines
5.7 KiB
C

/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2020 Alexander V. Chernikov
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#include "opt_inet.h"
#include "opt_route.h"
#include <sys/cdefs.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/lock.h>
#include <sys/rmlock.h>
#include <sys/rwlock.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/socket.h>
#include <sys/sysctl.h>
#include <sys/kernel.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/if_dl.h>
#include <net/route.h>
#include <net/route/route_ctl.h>
#include <net/route/route_var.h>
#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/in_fib.h>
#include <net/route/nhop_utils.h>
#include <net/route/nhop.h>
#include <net/route/nhop_var.h>
/*
* This file contains the supporting functions for adding/deleting/updating
* multipath routes to the routing table.
*/
SYSCTL_DECL(_net_route);
VNET_DEFINE(u_int, fib_hash_outbound) = 0;
SYSCTL_UINT(_net_route, OID_AUTO, hash_outbound, CTLFLAG_RD | CTLFLAG_VNET,
&VNET_NAME(fib_hash_outbound), 0,
"Compute flowid for locally-originated packets");
/* Default entropy to add to the hash calculation for the outbound connections*/
uint8_t mpath_entropy_key[MPATH_ENTROPY_KEY_LEN] = {
0x6d, 0x5a, 0x56, 0xda, 0x25, 0x5b, 0x0e, 0xc2,
0x41, 0x67, 0x25, 0x3d, 0x43, 0xa3, 0x8f, 0xb0,
0xd0, 0xca, 0x2b, 0xcb, 0xae, 0x7b, 0x30, 0xb4,
0x77, 0xcb, 0x2d, 0xa3, 0x80, 0x30, 0xf2, 0x0c,
0x6a, 0x42, 0xb7, 0x3b, 0xbe, 0xac, 0x01, 0xfa,
};
/*
* Tries to add @rnd_add nhop to the existing set of nhops (@nh_orig) for the
* prefix specified by @rt.
*
* Return 0 ans consumes rt / rnd_add nhop references. @rc gets populated
* with the operation result.
* Otherwise errno is returned.
*
* caller responsibility is to unlock/free rt and
* rt->rt_nhop.
*/
int
add_route_mpath(struct rib_head *rnh, struct rt_addrinfo *info,
struct rtentry *rt, struct route_nhop_data *rnd_add,
struct route_nhop_data *rnd_orig, struct rib_cmd_info *rc)
{
RIB_RLOCK_TRACKER;
struct route_nhop_data rnd_new;
int error = 0;
/*
* It is possible that multiple rtsock speakers will try to update
* the same route simultaneously. Reduce the chance of failing the
* request by retrying the cycle multiple times.
*/
for (int i = 0; i < RIB_MAX_RETRIES; i++) {
error = nhgrp_get_addition_group(rnh, rnd_orig, rnd_add,
&rnd_new);
if (error != 0) {
if (error != EAGAIN)
break;
/*
* Group creation failed, most probably because
* @rnd_orig data got scheduled for deletion.
* Refresh @rnd_orig data and retry.
*/
RIB_RLOCK(rnh);
lookup_prefix(rnh, info, rnd_orig);
RIB_RUNLOCK(rnh);
continue;
}
error = change_route_conditional(rnh, rt, info, rnd_orig,
&rnd_new, rc);
if (error != EAGAIN)
break;
RTSTAT_INC(rts_add_retry);
}
if (V_fib_hash_outbound == 0 && error == 0 &&
NH_IS_NHGRP(rc->rc_nh_new)) {
/*
* First multipath route got installed. Enable local
* outbound connections hashing.
*/
if (bootverbose)
printf("FIB: enabled flowid calculation for locally-originated packets\n");
V_fib_hash_outbound = 1;
}
return (error);
}
struct rt_match_info {
struct rt_addrinfo *info;
struct rtentry *rt;
};
static bool
gw_filter_func(const struct nhop_object *nh, void *_data)
{
struct rt_match_info *ri = (struct rt_match_info *)_data;
return (check_info_match_nhop(ri->info, ri->rt, nh) == 0);
}
/*
* Tries to delete matching paths from @nhg.
* Returns 0 on success and updates operation result in @rc.
*/
int
del_route_mpath(struct rib_head *rh, struct rt_addrinfo *info,
struct rtentry *rt, struct nhgrp_object *nhg,
struct rib_cmd_info *rc)
{
struct route_nhop_data rnd;
struct rt_match_info ri = { .info = info, .rt = rt };
int error;
RIB_WLOCK_ASSERT(rh);
/*
* Require gateway to delete multipath routes, to forbid
* deleting all paths at once.
* If the filter function is provided, skip gateway check to
* allow rib_walk_del() delete routes for any criteria based
* on provided callback.
*/
if ((info->rti_info[RTAX_GATEWAY] == NULL) && (info->rti_filter == NULL))
return (ESRCH);
error = nhgrp_get_filtered_group(rh, nhg, gw_filter_func, (void *)&ri, &rnd);
if (error == 0) {
if (rnd.rnd_nhgrp == nhg) {
/* No gateway match, unreference new group and return. */
nhop_free_any(rnd.rnd_nhop);
return (ESRCH);
}
error = change_route_nhop(rh, rt, info, &rnd, rc);
}
return (error);
}