| Message ID | 20230817145449.141827-1-luwei32@huawei.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp1449685vqi;
Fri, 18 Aug 2023 07:39:12 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IFtstCuUhx2aU6y7Nc5jIHyKo6TjT3mHl3Je8SSefOfyM+ozScdrJ90TQH1e1NcemI55VOd
X-Received: by 2002:a19:5e5c:0:b0:4fe:347d:7c4b with SMTP id
z28-20020a195e5c000000b004fe347d7c4bmr1711952lfi.7.1692369552622;
Fri, 18 Aug 2023 07:39:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1692369552; cv=none;
d=google.com; s=arc-20160816;
b=VABBIsPcycFBxoCe3hYpYE1BI0fF205zT6Verd/hDiqIKC0FnoM1IPxLyU57L7azJV
Jo+4rhlflEE8qa77OKiHDEjh8iuplMb+usoEyJ9S7iZOvF8MxfX+q94IXsRL8GSs71xA
75n4Yqdx+q38KToY76kI6Z056yYOU8IHwfxtjm6cabO+NtF8/wZ+iCaRwGHhOr8p4TH6
eyjPiuwMs6JSG3J+G5pA/mnrPgyEQ6Pco06QMhnQvC94QlZdKmgEL+dVn045cfdy8PBm
H+9Sj35k5XOoqgoOfWsNM9UheJOIx9Xa0oIwwqAhs3E0gfRUd/gCKj/d/aoe3K/NeGax
ZVQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:to:from;
bh=roP8TwCCLHhngn7wFvfjwZfj57bCJe7YtCM1/FpbwlQ=;
fh=hl7yw7AHfaq5LgoukrnRdp1u9mPiioHkK3OSPomZzz8=;
b=FHc7VFx+ft00bp3WRL9aaaDCMZjWZ9Kpykz9uMcDRv0G+myBGkE+T2B+noiEclzec+
bqbiTE75U/5FXlYaJXSfxXJJLuPrbR2ZalNBU7u2UJ6dofbS37oDFsV5BpHSwWStpHj9
wS6hRGLozLBNOzQxeSi1dCFtnNau0Of2EER36Ip19Ztxuw1cHnT+lNONE0SDGHmBtnmt
RL96OLAyEfrS2evKr/jrfksBq8zXJtO9yarkbh7gjL9vWdlD3CwYXyjzupR7UBTlQYM1
cYOowHnCDUbKNiUF3UYlP88hCAdSh1PjOiY4z/yo89cwZO2FTrJILqffQF/xpn26Yqub
bUmg==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
k19-20020a1709065fd300b0099212b34e82si1409366ejv.18.2023.08.18.07.38.40;
Fri, 18 Aug 2023 07:39:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S1351383AbjHQNeU (ORCPT <rfc822;274620705z@gmail.com>
+ 99 others); Thu, 17 Aug 2023 09:34:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43554 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S1351582AbjHQNeL (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 17 Aug 2023 09:34:11 -0400
Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDD84114;
Thu, 17 Aug 2023 06:34:00 -0700 (PDT)
Received: from kwepemi500015.china.huawei.com (unknown [172.30.72.53])
by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4RRQs26t64zVk4s;
Thu, 17 Aug 2023 21:31:50 +0800 (CST)
Received: from huawei.com (10.175.101.6) by kwepemi500015.china.huawei.com
(7.221.188.92) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Thu, 17 Aug
2023 21:33:57 +0800
From: Lu Wei <luwei32@huawei.com>
To: <davem@davemloft.net>, <edumazet@google.com>, <kuba@kernel.org>,
<pabeni@redhat.com>, <wsa+renesas@sang-engineering.com>,
<tglx@linutronix.de>, <peterz@infradead.org>, <maheshb@google.com>,
<fw@strlen.de>, <netdev@vger.kernel.org>,
<linux-kernel@vger.kernel.org>
Subject: [PATCH net] ipvlan: Fix a reference count leak warning in
ipvlan_ns_exit()
Date: Thu, 17 Aug 2023 22:54:49 +0800
Message-ID: <20230817145449.141827-1-luwei32@huawei.com>
X-Mailer: git-send-email 2.31.1
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type: text/plain; charset=US-ASCII
X-Originating-IP: [10.175.101.6]
X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To
kwepemi500015.china.huawei.com (7.221.188.92)
X-CFilter-Loop: Reflected
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS
autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1774578096096886880
X-GMAIL-MSGID: 1774578096096886880
|
| Series |
[net] ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
|
|
Commit Message
Lu Wei
Aug. 17, 2023, 2:54 p.m. UTC
There are two network devices(veth1 and veth3) in ns1, and ipvlan1 with
L3S mode and ipvlan2 with L2 mode are created based on them as
figure (1). In this case, ipvlan_register_nf_hook() will be called to
register nf hook which is needed by ipvlans in L3S mode in ns1 and value
of ipvl_nf_hook_refcnt is set to 1.
(1)
ns1 ns2
------------ ------------
veth1--ipvlan1 (L3S)
veth3--ipvlan2 (L2)
(2)
ns1 ns2
------------ ------------
veth1--ipvlan1 (L3S)
ipvlan2 (L2) veth3
| |
|------->-------->--------->--------
migrate
When veth3 migrates from ns1 to ns2 as figure (2), veth3 will register in
ns2 and calls call_netdevice_notifiers with NETDEV_REGISTER event:
dev_change_net_namespace
call_netdevice_notifiers
ipvlan_device_event
ipvlan_migrate_l3s_hook
ipvlan_register_nf_hook(newnet) (I)
ipvlan_unregister_nf_hook(oldnet) (II)
In function ipvlan_migrate_l3s_hook(), ipvl_nf_hook_refcnt in ns1 is not 0
since veth1 with ipvlan1 still in ns1, (I) and (II) will be called to
register nf_hook in ns2 and unregister nf_hook in ns1. As a result,
ipvl_nf_hook_refcnt in ns1 is decreased incorrectly and this in ns2
is increased incorrectly. When the second net namespace is removed, a
reference count leak warning in ipvlan_ns_exit() will be triggered.
This patch add a check before ipvlan_migrate_l3s_hook() is called. The
warning can be triggered as follows:
$ ip netns add ns1
$ ip netns add ns2
$ ip netns exec ns1 ip link add veth1 type veth peer name veth2
$ ip netns exec ns1 ip link add veth3 type veth peer name veth4
$ ip netns exec ns1 ip link add ipv1 link veth1 type ipvlan mode l3s
$ ip netns exec ns1 ip link add ipv2 link veth3 type ipvlan mode l2
$ ip netns exec ns1 ip link set veth3 netns ns2
$ ip net del ns2
Fixes: 3133822f5ac1 ("ipvlan: use pernet operations and restrict l3s hooks to master netns")
Signed-off-by: Lu Wei <luwei32@huawei.com>
---
drivers/net/ipvlan/ipvlan_main.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Comments
Lu Wei <luwei32@huawei.com> wrote: > There are two network devices(veth1 and veth3) in ns1, and ipvlan1 with > L3S mode and ipvlan2 with L2 mode are created based on them as > figure (1). In this case, ipvlan_register_nf_hook() will be called to > register nf hook which is needed by ipvlans in L3S mode in ns1 and value > of ipvl_nf_hook_refcnt is set to 1. [..] > register nf_hook in ns2 and unregister nf_hook in ns1. As a result, > ipvl_nf_hook_refcnt in ns1 is decreased incorrectly and this in ns2 > is increased incorrectly. When the second net namespace is removed, a > reference count leak warning in ipvlan_ns_exit() will be triggered. > > This patch add a check before ipvlan_migrate_l3s_hook() is called. Reviewed-by: Florian Westphal <fw@strlen.de>
diff --git a/drivers/net/ipvlan/ipvlan_main.c b/drivers/net/ipvlan/ipvlan_main.c index b15dd9a3ad54..1b55928e89b8 100644 --- a/drivers/net/ipvlan/ipvlan_main.c +++ b/drivers/net/ipvlan/ipvlan_main.c @@ -748,7 +748,8 @@ static int ipvlan_device_event(struct notifier_block *unused, write_pnet(&port->pnet, newnet); - ipvlan_migrate_l3s_hook(oldnet, newnet); + if (port->mode == IPVLAN_MODE_L3S) + ipvlan_migrate_l3s_hook(oldnet, newnet); break; } case NETDEV_UNREGISTER: