net: fib_rules: Factorise fib_newrule() and fib_delrule().

fib_nl_newrule() / fib_nl_delrule() is the doit() handler for
RTM_NEWRULE / RTM_DELRULE but also called from vrf_newlink().

Currently, we hold RTNL on both paths but will not on the former.

Also, we set dev_net(dev)->rtnl to skb->sk in vrf_fib_rule() because
fib_nl_newrule() / fib_nl_delrule() fetch net as sock_net(skb->sk).

Let's Factorise the two functions and pass net and rtnl_held flag.

Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20250207072502.87775-6-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
index ca81b212a246bc66b1b171bd423bbabc44b328ea..5f21ce1013c426b373a857d5000a0daabcc1b898 100644 (file)
--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -1537,14 +1537,12 @@ static int vrf_fib_rule(const struct net_device *dev, __u8 family, bool add_it)
 
        nlmsg_end(skb, nlh);
 
-       /* fib_nl_{new,del}rule handling looks for net from skb->sk */
-       skb->sk = dev_net(dev)->rtnl;
        if (add_it) {
-               err = fib_nl_newrule(skb, nlh, NULL);
+               err = fib_newrule(dev_net(dev), skb, nlh, NULL, true);
                if (err == -EEXIST)
                        err = 0;
        } else {
-               err = fib_nl_delrule(skb, nlh, NULL);
+               err = fib_delrule(dev_net(dev), skb, nlh, NULL, true);
                if (err == -ENOENT)
                        err = 0;
        }

diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index 04383d90a1e38847d9d10f8fd0c4bf2ef67af713..710caacad9da15f92b8ac19067a210d8fc82b74f 100644 (file)
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h
@@ -178,10 +178,10 @@ int fib_rules_dump(struct net *net, struct notifier_block *nb, int family,
                   struct netlink_ext_ack *extack);
 unsigned int fib_rules_seq_read(const struct net *net, int family);
 
-int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr *nlh,
-                  struct netlink_ext_ack *extack);
-int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr *nlh,
-                  struct netlink_ext_ack *extack);
+int fib_newrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh,
+               struct netlink_ext_ack *extack, bool rtnl_held);
+int fib_delrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh,
+               struct netlink_ext_ack *extack, bool rtnl_held);
 
 INDIRECT_CALLABLE_DECLARE(int fib6_rule_match(struct fib_rule *rule,
                                            struct flowi *fl, int flags));

diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index 694a8c2884a8f19e70d032bda02a64628e0c0627..d68332d9cac611e06938445bf90a06eb4f3d8c03 100644 (file)
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -783,15 +783,14 @@ static const struct nla_policy fib_rule_policy[FRA_MAX + 1] = {
        [FRA_FLOWLABEL_MASK] = { .type = NLA_BE32 },
 };
 
-int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr *nlh,
-                  struct netlink_ext_ack *extack)
+int fib_newrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh,
+               struct netlink_ext_ack *extack, bool rtnl_held)
 {
-       struct net *net = sock_net(skb->sk);
+       struct fib_rule *rule = NULL, *r, *last = NULL;
        struct fib_rule_hdr *frh = nlmsg_data(nlh);
+       int err = -EINVAL, unresolved = 0;
        struct fib_rules_ops *ops = NULL;
-       struct fib_rule *rule = NULL, *r, *last = NULL;
        struct nlattr *tb[FRA_MAX + 1];
-       int err = -EINVAL, unresolved = 0;
        bool user_priority = false;
 
        if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*frh))) {
@@ -893,18 +892,23 @@ errout:
        rules_ops_put(ops);
        return err;
 }
-EXPORT_SYMBOL_GPL(fib_nl_newrule);
+EXPORT_SYMBOL_GPL(fib_newrule);
 
-int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr *nlh,
-                  struct netlink_ext_ack *extack)
+static int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr *nlh,
+                         struct netlink_ext_ack *extack)
 {
-       struct net *net = sock_net(skb->sk);
+       return fib_newrule(sock_net(skb->sk), skb, nlh, extack, true);
+}
+
+int fib_delrule(struct net *net, struct sk_buff *skb, struct nlmsghdr *nlh,
+               struct netlink_ext_ack *extack, bool rtnl_held)
+{
+       struct fib_rule *rule = NULL, *nlrule = NULL;
        struct fib_rule_hdr *frh = nlmsg_data(nlh);
        struct fib_rules_ops *ops = NULL;
-       struct fib_rule *rule = NULL, *r, *nlrule = NULL;
        struct nlattr *tb[FRA_MAX+1];
-       int err = -EINVAL;
        bool user_priority = false;
+       int err = -EINVAL;
 
        if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*frh))) {
                NL_SET_ERR_MSG(extack, "Invalid msg length");
@@ -969,7 +973,7 @@ int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr *nlh,
         * current if it is goto rule, have actually been added.
         */
        if (ops->nr_goto_rules > 0) {
-               struct fib_rule *n;
+               struct fib_rule *n, *r;
 
                n = list_next_entry(rule, list);
                if (&n->list == &ops->rules_list || n->pref != rule->pref)
@@ -998,7 +1002,13 @@ errout:
        rules_ops_put(ops);
        return err;
 }
-EXPORT_SYMBOL_GPL(fib_nl_delrule);
+EXPORT_SYMBOL_GPL(fib_delrule);
+
+static int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr *nlh,
+                         struct netlink_ext_ack *extack)
+{
+       return fib_delrule(sock_net(skb->sk), skb, nlh, extack, true);
+}
 
 static inline size_t fib_rule_nlmsg_size(struct fib_rules_ops *ops,
                                         struct fib_rule *rule)