From patchwork Tue Jun 4 09:44:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wilson Peng X-Patchwork-Id: 1943228 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=vmware.com header.i=@vmware.com header.a=rsa-sha256 header.s=selector2 header.b=bao0c3CK; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Vtm0f0VnRz20Tb for ; Tue, 4 Jun 2024 19:45:06 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 83D17413DE; Tue, 4 Jun 2024 09:45:04 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 5XbUhXeKWlYh; Tue, 4 Jun 2024 09:45:03 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 35B98413DB Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key, unprotected) header.d=vmware.com header.i=@vmware.com header.a=rsa-sha256 header.s=selector2 header.b=bao0c3CK Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 35B98413DB; Tue, 4 Jun 2024 09:45:03 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 013F1C0072; Tue, 4 Jun 2024 09:45:03 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 74F6FC0037 for ; Tue, 4 Jun 2024 09:45:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 5993F833C9 for ; Tue, 4 Jun 2024 09:45:01 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id R9stJIURI3iO for ; Tue, 4 Jun 2024 09:45:00 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=2a01:111:f403:c111::4; helo=dm1pr04cu001.outbound.protection.outlook.com; envelope-from=svc.ovs-community@vmware.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org DDE5583096 Authentication-Results: smtp1.osuosl.org; dmarc=pass (p=quarantine dis=none) header.from=vmware.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org DDE5583096 Authentication-Results: smtp1.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=vmware.com header.i=@vmware.com header.a=rsa-sha256 header.s=selector2 header.b=bao0c3CK Received: from DM1PR04CU001.outbound.protection.outlook.com (mail-centralusazlp170130004.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::4]) by smtp1.osuosl.org (Postfix) with ESMTPS id DDE5583096 for ; Tue, 4 Jun 2024 09:44:59 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jUC5u+lqnrxaUHB5chJMGc1IjhxgPAH170Xxx+i2wwY7EZxhnl6AMFovYFh5he/HQYfgF1BIvZykII9UjIZfT+Fcj/bPLJRABFkwl7F/sw5AGfuqn0/CAPfLAW7ydItjd56tvjreZtBfKPdZpszyHm0N434ZWuAZh5oxcw03BWSwXMt4loDu0LNNm/hiiHq0QqTvaSAoGh76OkO8mvOR4bHxAhAsvWxIQVVHFLz3nejChdsRb8bqVz7RNuNv1SyNf55EB8V1DCW1p5ISZy895OAMrlHFLEaTX7uesfJygBS8JboLV9OtLACALZep8V3QGpo7NBzqPtKLZ2/5jaoa5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=U1+d7u7l7NkOxVSycK06xZJbJe667bV6ysBoTQ7k/LU=; b=E4few91Hi6+5Ouw5DjQ13ACzCDHQ2iLXa/ukOG6Q5M2SNfpj/hWDkPmuCYbzlh5JBhF5KGsJSCTPw/AA2wf+rilGygSEP0YtDW+y7dvC7cHniGmSsRwfUV7COxEf2cVjrZF4E9Uckebjpcq/uSL9R09RtPtL5K9h7ULrGyrPCD01f2mDFXAYq39a+5uxGUSHs/066VO19RW4n37QFixWx/Y1iiUMNEuLi3OqtpX53Gr0fVOAhzgSvJ5hYMB+M8+IOVfqcr5LBbuKV4hMkVKOpBHpZZ5UPKWY/vqwmrJvsxfXnCFVnE/+86/9XJ5+jlG58Rbm4g0SjKSBTIynyiPYmA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=vmware.com; dmarc=pass action=none header.from=vmware.com; dkim=pass header.d=vmware.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vmware.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U1+d7u7l7NkOxVSycK06xZJbJe667bV6ysBoTQ7k/LU=; b=bao0c3CK850l0BiMYpYmJQQMMA62+oHRZa6cA4pi88qJSSxogZZ6hjdXPDKnb9IVXa+4xsAoHtL9O5BhCqupixXtHYFMhc5cRBViduLsZCCjNpuLXRGW6Ojo0NApHSP6eIhxcbNGNoQox3WGa5yrO+ZzIfxw7yR6MbTlb3xdV4g= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=vmware.com; Received: from BYAPR05MB5989.namprd05.prod.outlook.com (2603:10b6:a03:da::28) by IA0PR05MB10141.namprd05.prod.outlook.com (2603:10b6:208:40c::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7656.15; Tue, 4 Jun 2024 09:44:53 +0000 Received: from BYAPR05MB5989.namprd05.prod.outlook.com ([fe80::5da:377d:e8bf:afcf]) by BYAPR05MB5989.namprd05.prod.outlook.com ([fe80::5da:377d:e8bf:afcf%3]) with mapi id 15.20.7633.021; Tue, 4 Jun 2024 09:44:53 +0000 To: dev@openvswitch.org Date: Tue, 4 Jun 2024 17:44:40 +0800 Message-Id: <20240604094440.71741-1-svc.ovs-community@vmware.com> X-Mailer: git-send-email 2.39.2 (Apple Git-143) X-ClientProxiedBy: SGBP274CA0005.SGPP274.PROD.OUTLOOK.COM (2603:1096:4:b0::17) To BYAPR05MB5989.namprd05.prod.outlook.com (2603:10b6:a03:da::28) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BYAPR05MB5989:EE_|IA0PR05MB10141:EE_ X-MS-Office365-Filtering-Correlation-Id: 321f6d79-36a0-46fd-6d3a-08dc847afc50 X-LD-Processed: b39138ca-3cee-4b4a-a4d6-cd83d9dd62f0,ExtFwd X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230031|366007|1800799015|52116005|376005|38350700005; X-Microsoft-Antispam-Message-Info: 72XB0A6wqqpA/84numFMrvuupr+hwihIMMlF1+I/U731mYQlPO3ovVs0JOhTzcxBYXpURNNDhcRbwDK+R0hliwsK4b9o06q/ppGJDWo8Cacm5OHeT5kC9JyY1ffYvvnGJ0N+wntcOZJGema33pFBYl2gJTdfkMGdNs+K0EhxamL+yv/0ECG8K9PfHPsEkVZLvOpoCxaxuTvkU8HrLLiO/QPTCxmPWc0M3F6k66qN0XO1U9qRK5U/UwHeeW7qggfOvUBpXAE5KM+MBaAOENSc3YFvMKU1b6tLAX9z+SgWM6V/zz4M7DzL/8MTd5G87O0888o7lyBnm9c93ydFCMWyvR2I3uBI7QV8OoncDIl/QCR54bysOM8tB15zzPygPgCREHGJ1SvgKm6a7Yx81drkq2E8NOSz7+HjIz9yiSlM97zgtC25X2aNmoi2XkaJAJuSsxpq2IeLMe+jsKE59YY3Fb0szfbmWBquPp/PyaQsm8PRGuJUWvhUo16f8+JdtqY2mhB/BS3w1ip7a/xWKwDukPJa73gRBwW0fOiZfUZBZ1Kbpr4+iLp4TZ5X//9ZV5WMcBZh7Jptz8b/R3QJnct6ONWgfQQeDmOH5deU2uTv95TO1uKeVfMoDeUlN8mtnYSSXYb+pO/pXvopNyNsE1XbW4Qx+DtfTnm94IqoqBCLCX6ocVSOm6A09bNMKYEBa4v5cRpYcJnF3X7JqP3CWDDwOiPcf6+r2S5QqtDcrqoYGteEsB2cI9uItj1QDQ+C+H7pOWbFLO4NlV3L4uaqofEeSV2joA8t9bcfuPRCd0rfR1Dbkm9dHBzBhK9yS3AL1pSqPEEx/17TLWZAcAlXc9K0DjLX+S6our6YZXy2fgBuOcoSogtxxuNxR0vmhxQzImAcVXKi9rhjNLuubIXDFyPp4uZtcJjSMM8mIcYWdEwYw32aKmEK3MMnUIY8e7hplBGqn8E284vVc+qyhAKSWknNTyahkNzGOlWhZyk97ZZ0Bj0xlPegjX6yjdaidD8Y3EqESPYU2ZggP9wCDLCL3B3hro1jYpkNtbHmnDXm2vZH9i2GY2KTBtWFz5BKVrgiphZZXggz8FE9gEwhDft0CRjObHqKVayz3i2r9y8L/m/neaZ3Tz2HTbHWTQb9Y7UrQ7Q0kdk3Oav0wcbWa72skCYfpWGASxBtFASxJmZoLsq6WhuK8gugL7EzQ6eJqgEKg//HS/fiTKlHYjADOh/vRc5D+Oq/NWIbaQ5Vzv5UGRYSL0Yp1aPyFOUOy0OqM8He9XWp0TnITCy9gsI0jCwdxpAyFG6Oe11N7prWwJ2Xnn2T753aNPWsuhc3nnwTVru+fAAf6sOInwUL92r8HinKG78mqbwbhk3BZXYPzeVN9UCEL5U= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR05MB5989.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366007)(1800799015)(52116005)(376005)(38350700005); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 0nb1LR7cYSICl4pMyGc9xo5xOyJufP8Aq9myFoSsXkCv9FGgSsQYdKu6RAuoVS9VVpItT9LALIBZcRy/3g+8xvz3MKkHMK+x+MoCOrJCWAQG0rRiPCsmu1lii250WEW8btY9LB1tb1mkJIG2uGgmBnLPMoyMqkLfl93yYVwboDpVrJKvcdr+1lb7ojgWQBrqkKMhsE8ZVPD9mOWPVt6Jn7lews5hpMHIssGcIcZaSYopdgVhti+9wf3RXFqKVMC2EQ5W+RoSwmX1MKaOf5GowRydOo8/H/Heuu2xdSvPjcQhYR6vO1/PChjn7qVp+WvPy9ZwRCPr4gOkaWt981j2drYi3EmDoOlcZP68mdAmKw6Txevq8ibpVtmHlaF+IBzFdlFBeAtUKSQkR2Jx+Rx6AoydfzhxPlGyLhm9g3jfSSW4bpznK29eZSFvSBH5hGzwc70uMX3bClhc6pgPnyVER98uBd+k+l5SQ5or0umcKRBuN8GrbxieMzLnk1PY7rpc/01A+DAYw4OYRfjLg6TRe6BacwrauS24Gc4APWzY/6yyfdGEML8Fp39NxkyFeEOV0FABhlUOWAbTQZWqDcHFpSNnuM4eDulX6jv+ZrOEWKvP6GEnAmc5UrbZ+EtQzKVEnCaRHylTfpNVnCvMeL9CVf6jLS9kUkSKmd76UygEdo9vXdj1w91d8Lekv2G4zDcWyRg1sLQdgO7qq/lkTKpi/vuY+8Xm1Go2KKNxZBA5kQxYcY67Ta7aW98bzHnzPt8RhkPsV8GlQkbTmpdU1OsGTnyVKqOVKIbyd1xYABM/WsV5bCgs/nSL97uEhPwutGiT3Hvzwfc3QYxVg976+CCVOM877xjpPqtfGA/bhifGPhBswc+eAIotd5jlZCDcrfBq21pWF1ltfbHKh3h5HL9flf8GRmPqv54A3sbZSpFsM6jLPa4MQdxFd5S3sSNFoVY/fyXfJ1QHCY7gTrjnGDUhyWIh1iAkxGy7Bj4SfCo1N8z5k63vp/qWge9UlMR/9feBZG8I+n4LXJLD3QdTm3UGYkpkGb/chZLqIMZsSbyq0ERtkG2Rk3q3OVW5KGzcNaUACxS42cZoMHKqXYf0keHbU/djpO1Q+KMsxDDreCEyG0MobomOgascJkz6cxH+aCrmCKeqkLhs9wFCnxsQyeVNSm8zRQPw0gYrmagJ8MIgPk9tRodexSGKOmSxamUNOI+Fv2IQgKXhOtjVxDylCVlKqfsXfXG8uJJnlvq+J8EivpoQBZkLhBheyTsg1uMVz2o1TllZaMG3wcM4cUtQrwEOtMOEgmDAq2S6XOlKh8rHYNVamnLUcR2ak/plXqVRsA6isB8trHvN64cnVtYhban7/Nlhgz5pr6RH11jxpsTBADBrtQYkb6o8AbY5ldzJSwqrKIPBGCWpowa1IJViBF/BUdpZcH5I42W/iLT50mEzOA+3rdwcY2o/et0B96FZUd9iSmJLg1cDGhRZ+LJSlJBrKYdHLZji2HqOW6kT+J/gM9HnuteF+R5ScV1ZoEVVMXqAiqOptTSPbQkWR/YzXVdDKw3XuXIIwH81hTd2gAmpZEE/zXoGEfQYmJt0eB0DvSbCKFddwyqughxYgfc8FQJXgw== X-OriginatorOrg: vmware.com X-MS-Exchange-CrossTenant-Network-Message-Id: 321f6d79-36a0-46fd-6d3a-08dc847afc50 X-MS-Exchange-CrossTenant-AuthSource: BYAPR05MB5989.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jun 2024 09:44:53.5313 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: b39138ca-3cee-4b4a-a4d6-cd83d9dd62f0 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: sOKHMFKea5M/IT6CR8IaDUJQRmm17DKO3VwIWnvwmkw7al9tMH/Yu139CFIzWUy/ncwRRWataaeEYQclEIrHnHuPd+s2EoSzFBRJTSdY2kw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR05MB10141 Subject: [ovs-dev] [PATCH v1 1/1] datapath-windows : Avoid a deadlock when processing TFTP conntrack. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Wilson Peng via dev From: Wilson Peng Reply-To: Wilson Peng Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Wilson Peng It is found the TFTP reply packet with source port 69 will trigger host hang And the possible coredump. According to part 4 in TFTP RFC https://datatracker.ietf.org/doc/html/rfc1350, The TFTP reply packet should use a new source-port(not 69) to connect to Client. Upon this TFTP reply packet ovs-windows kernel part will meet deadlock as it Does set entry->parent to be equal to entry itself. Reproducing step(installing ovsext driver on Win2019 server): Topo: podvif38--192.168.10.38-----ovs----192.168.10.40----podvif40 Setup flow on local setup, $Vif38Name="podvif38" $Vif40Name="podvif40" ovs-ofctl del-flows br-int --strict "table=0,priority=0" ovs-ofctl add-flow br-int "table=0,in_port=$Vif38Name,udp, actions=ct(commit,alg=tftp),output:$Vif40Name" Constructing a TFTP request and reply packet using scapy below, TFTPPacket1=Ether(dst="00:15:5d:04:a0:a2",src="00:15:5d:04:a0:a1")/ IP(src="192.168.10.38",dst="192.168.10.40")/ UDP(sport=51000,dport=69)/TFTP()/ TFTP_RRQ(filename="OVSIM_CERT.cer",mode="octet") TFTPPacket2=Ether(dst="00:15:5d:04:a0:a1",src="00:15:5d:04:a0:a2")/ IP(src="192.168.10.40",dst="192.168.10.38")/ UDP(sport=69,dport=51000)/TFTP()/ TFTP_ERROR(errorcode=4,errormsg=b'Access violation') Sending the packet via ovs CMD, ovs-ofctl packet-out br-int 1 'resubmit(,0)' 00155D04A0A800155D04A0A7080045000033000100004011E51AC0A80A26C0A80A28C7380045001' FBFCC00014F5653494D5F434552542E636572006F6374657400 ovs-ofctl packet-out br-int 1 'resubmit(,0)' 00155D04A0A700155D04A0A8080045000031000100004011E51CC0A80A28C0A80A260045C73800' 1DB033000500044163636573732076696F6C6174696F6E2E00 Without the fix, Windows node will HANG and not responding. It is good to backport the fix to main and backported until 3.1 Signed-off-by: Wilson Peng --- datapath-windows/ovsext/Conntrack.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c index 39ba5cc10..ae91ed18e 100644 --- a/datapath-windows/ovsext/Conntrack.c +++ b/datapath-windows/ovsext/Conntrack.c @@ -1033,9 +1033,15 @@ OvsProcessConntrackEntry(OvsForwardingContext *fwdCtx, } else { POVS_CT_ENTRY parentEntry; parentEntry = OvsCtRelatedLookup(ctx->key, currentTime); - entry->parent = parentEntry; - if (parentEntry != NULL) { - state |= OVS_CS_F_RELATED; + if (((layers->isIPv6 && key->ipv6Key.nwProto == IPPROTO_UDP) || + (!(layers->isIPv6) && key->ipKey.nwProto == IPPROTO_UDP)) && + (parentEntry == entry)) { + /* Do nothing here, it would deadlock for invalid tftp packet*/ + } else { + entry->parent = parentEntry; + if (parentEntry != NULL) { + state |= OVS_CS_F_RELATED; + } } } }