1. Patchew
  2. linux
  3. View series

[PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program

Feng zhou posted 1 patch 1 year, 5 months ago
There is a newer version of this series
net/core/dev.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
[PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program
Posted by Feng zhou 1 year, 5 months ago 
From: Feng Zhou <zhoufeng.zf@bytedance.com>

Cannot attach when an upper device already has a program, This
restriction is only for bond's slave devices, and should not be
accidentally injured for devices like eth0 and vxlan0.

Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
---
 net/core/dev.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/net/core/dev.c b/net/core/dev.c
index 6ea1d20676fb..e1f87662376a 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
 	}
 
 	/* don't allow if an upper device already has a program */
-	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
-		if (dev_xdp_prog_count(upper) > 0) {
-			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
-			return -EEXIST;
+	if (netif_is_bond_slave(dev)) {
+		netdev_for_each_upper_dev_rcu(dev, upper, iter) {
+			if (dev_xdp_prog_count(upper) > 0) {
+				NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
+				return -EEXIST;
+			}
 		}
 	}
 
-- 
2.30.2
Re: [PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program
Posted by Paolo Abeni 1 year, 5 months ago 
On 8/14/24 11:08, Feng zhou wrote:
> From: Feng Zhou <zhoufeng.zf@bytedance.com>
> 
> Cannot attach when an upper device already has a program, This
> restriction is only for bond's slave devices, and should not be
> accidentally injured for devices like eth0 and vxlan0.
> 
> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
> ---
>   net/core/dev.c | 10 ++++++----
>   1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 6ea1d20676fb..e1f87662376a 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>   	}
>   
>   	/* don't allow if an upper device already has a program */
> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
> -		if (dev_xdp_prog_count(upper) > 0) {
> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
> -			return -EEXIST;
> +	if (netif_is_bond_slave(dev)) {

I think we want to consider even team port devices.

Thanks,

Paolo
Re: [PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program
Posted by Jiri Pirko 1 year, 5 months ago 
Thu, Aug 15, 2024 at 01:18:33PM CEST, pabeni@redhat.com wrote:
>On 8/14/24 11:08, Feng zhou wrote:
>> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>> 
>> Cannot attach when an upper device already has a program, This
>> restriction is only for bond's slave devices, and should not be
>> accidentally injured for devices like eth0 and vxlan0.
>> 
>> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
>> ---
>>   net/core/dev.c | 10 ++++++----
>>   1 file changed, 6 insertions(+), 4 deletions(-)
>> 
>> diff --git a/net/core/dev.c b/net/core/dev.c
>> index 6ea1d20676fb..e1f87662376a 100644
>> --- a/net/core/dev.c
>> +++ b/net/core/dev.c
>> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>>   	}
>>   	/* don't allow if an upper device already has a program */
>> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
>> -		if (dev_xdp_prog_count(upper) > 0) {
>> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
>> -			return -EEXIST;
>> +	if (netif_is_bond_slave(dev)) {
>
>I think we want to consider even team port devices.

netif_is_lag_port()


>
>Thanks,
>
>Paolo
>
Re: [External] Re: [PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program
Posted by Feng Zhou 1 year, 5 months ago 
在 2024/8/15 20:36, Jiri Pirko 写道:
> Thu, Aug 15, 2024 at 01:18:33PM CEST, pabeni@redhat.com wrote:
>> On 8/14/24 11:08, Feng zhou wrote:
>>> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>>>
>>> Cannot attach when an upper device already has a program, This
>>> restriction is only for bond's slave devices, and should not be
>>> accidentally injured for devices like eth0 and vxlan0.
>>>
>>> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>
>>> ---
>>>    net/core/dev.c | 10 ++++++----
>>>    1 file changed, 6 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/net/core/dev.c b/net/core/dev.c
>>> index 6ea1d20676fb..e1f87662376a 100644
>>> --- a/net/core/dev.c
>>> +++ b/net/core/dev.c
>>> @@ -9501,10 +9501,12 @@ static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
>>>    	}
>>>    	/* don't allow if an upper device already has a program */
>>> -	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
>>> -		if (dev_xdp_prog_count(upper) > 0) {
>>> -			NL_SET_ERR_MSG(extack, "Cannot attach when an upper device already has a program");
>>> -			return -EEXIST;
>>> +	if (netif_is_bond_slave(dev)) {
>>
>> I think we want to consider even team port devices.
> 
> netif_is_lag_port()
> 
> 

Will do, thanks.

>>
>> Thanks,
>>
>> Paolo
>>
Re: [PATCH] net: Don't allow to attach xdp if bond slave device's upper already has a program
Posted by Toke Høiland-Jørgensen 1 year, 5 months ago 
Feng zhou <zhoufeng.zf@bytedance.com> writes:

> From: Feng Zhou <zhoufeng.zf@bytedance.com>
>
> Cannot attach when an upper device already has a program, This
> restriction is only for bond's slave devices, and should not be
> accidentally injured for devices like eth0 and vxlan0.
>
> Signed-off-by: Feng Zhou <zhoufeng.zf@bytedance.com>

Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.