On 09/06/2021 11:33, Toke Høiland-Jørgensen wrote:
> The sfc driver has rcu_read_lock()/rcu_read_unlock() pairs around XDP
> program invocations. However, the actual lifetime of the objects referred
> by the XDP program invocation is longer, all the way through to the call to
> xdp_do_flush(), making the scope of the rcu_read_lock() too small. This
> turns out to be harmless because it all happens in a single NAPI poll
> cycle (and thus under local_bh_disable()), but it makes the rcu_read_lock()
> misleading.
>
> Rather than extend the scope of the rcu_read_lock(), just get rid of it
> entirely. With the addition of RCU annotations to the XDP_REDIRECT map
> types that take bh execution into account, lockdep even understands this to
> be safe, so there's really no reason to keep it around.
>
> Cc: Edward Cree <ecree.xilinx@xxxxxxxxx>
> Cc: Martin Habets <habetsm.xilinx@xxxxxxxxx>
> Signed-off-by: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
> ---
Acked-by: Edward Cree <ecree.xilinx@xxxxxxxxx>
> drivers/net/ethernet/sfc/rx.c | 9 ++-------
> 1 file changed, 2 insertions(+), 7 deletions(-)
>
> diff --git a/drivers/net/ethernet/sfc/rx.c b/drivers/net/ethernet/sfc/rx.c
> index 17b8119c48e5..606750938b89 100644
> --- a/drivers/net/ethernet/sfc/rx.c
> +++ b/drivers/net/ethernet/sfc/rx.c
> @@ -260,18 +260,14 @@ static bool efx_do_xdp(struct efx_nic *efx, struct efx_channel *channel,
> s16 offset;
> int err;
>
> - rcu_read_lock();
> - xdp_prog = rcu_dereference(efx->xdp_prog);
> - if (!xdp_prog) {
> - rcu_read_unlock();
> + xdp_prog = rcu_dereference_bh(efx->xdp_prog);
> + if (!xdp_prog)
> return true;
> - }
>
> rx_queue = efx_channel_get_rx_queue(channel);
>
> if (unlikely(channel->rx_pkt_n_frags > 1)) {
> /* We can't do XDP on fragmented packets - drop. */
> - rcu_read_unlock();
> efx_free_rx_buffers(rx_queue, rx_buf,
> channel->rx_pkt_n_frags);
> if (net_ratelimit())
> @@ -296,7 +292,6 @@ static bool efx_do_xdp(struct efx_nic *efx, struct efx_channel *channel,
> rx_buf->len, false);
>
> xdp_act = bpf_prog_run_xdp(xdp_prog, &xdp);
> - rcu_read_unlock();
>
> offset = (u8 *)xdp.data - *ehp;
>
>
