| Message ID | 20230327-vsock-fix-leak-v2-1-f6619972dee0@bytedance.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp2355263vqo;
Tue, 28 Mar 2023 09:39:51 -0700 (PDT)
X-Google-Smtp-Source:
AKy350Yro2KZdiwO0FDQcEkE8Tot/5yGhhXG0eVBN5oEmONBvFTXevsvy4EGbG9iCb3jhCg2ez28
X-Received: by 2002:a17:906:13d3:b0:930:1178:2220 with SMTP id
g19-20020a17090613d300b0093011782220mr17562649ejc.40.1680021590950;
Tue, 28 Mar 2023 09:39:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1680021590; cv=none;
d=google.com; s=arc-20160816;
b=I4EPXg2nSDIajxJzITIGeZQPzGayTass7JXLXfCe1MOu+qSjNWukCa7wb4tz++SGAT
N5um6fBMVmdx60qJvNEfMvxCJ5cfjVf515aUavXqKtaqIsdK+NA/WIuY3djr+6l5Qnm3
Bsy7q1ixQ2n1HRNMMejIQzq2t8zd6vA08rUHEJ2R35ESRm9AIOcPABdO+ZGb5YYOdIVE
dalyV8EfpXo1Bvxdvsgk+ynqQ4KZNzlFUgEazTVUhIIIEWGpMEGfPBjpOa+g94XK7MKa
X39dfkpjY0sKXDEGhkmSl7LASPFtsAkbDC/mFHPj0G95x0vTd40KF1Rr5/i3sD6nWCdM
6SQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:cc:to:message-id:content-transfer-encoding
:mime-version:subject:date:from:dkim-signature;
bh=pF7n/Eqo2dEZoKzmZtiE3BnURDQ21G0m3HQyJWfxRsU=;
b=eiW+1SgDkFcGaVa6ZqzykSyK6xpiKGef8N8/6HEI1UwbkAPpGtIQBE6jDlKwGJao8O
jP3dLvZw5FcJsu0FDZI2/0BBTG6OXT8uBxxe3vDbLdbdoK15JYuetw3WVmXmAwRqng5q
F7g1gDzvW9ImaYM6RHbZ91/DFyk5euSkhLW/P/AdSKG+O868aZX8Oo+/Y3WGSz8tss2i
Qjmp0qjaVtjGBBFYQyj0ZGFbmVMzSlhgag0FYOF/8YHKz/lvZS0qWGu4oHJMM06e8nQi
p6OXVCoBwV4Rg/IZT0Bt073SI/ATqevsd2HV6orIQ5x7tijSHBzsofYY9TQ0LiQZwv2O
5EsA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@bytedance.com header.s=google header.b=V3u7TE7L;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
header.from=bytedance.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
z1-20020a170906074100b008b17dfa77fdsi28881398ejb.127.2023.03.28.09.39.26;
Tue, 28 Mar 2023 09:39:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@bytedance.com header.s=google header.b=V3u7TE7L;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
header.from=bytedance.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232667AbjC1QaE (ORCPT <rfc822;rua109.linux@gmail.com>
+ 99 others); Tue, 28 Mar 2023 12:30:04 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39136 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S233230AbjC1Q3o (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 28 Mar 2023 12:29:44 -0400
Received: from mail-qv1-xf2a.google.com (mail-qv1-xf2a.google.com
[IPv6:2607:f8b0:4864:20::f2a])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C8E0CC13
for <linux-kernel@vger.kernel.org>;
Tue, 28 Mar 2023 09:29:18 -0700 (PDT)
Received: by mail-qv1-xf2a.google.com with SMTP id g9so9539771qvt.8
for <linux-kernel@vger.kernel.org>;
Tue, 28 Mar 2023 09:29:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=bytedance.com; s=google; t=1680020957;
h=cc:to:message-id:content-transfer-encoding:mime-version:subject
:date:from:from:to:cc:subject:date:message-id:reply-to;
bh=pF7n/Eqo2dEZoKzmZtiE3BnURDQ21G0m3HQyJWfxRsU=;
b=V3u7TE7LZ8maCIPEsKINGf1if8fTws2/Y7d4jTDkHOvKyU33hdvPtvY9jESgpaWGIF
0ARloOvRAPwWhd8EhX6QSOxiVDap2H/3cq4bpwwVHjeaUlOPWOm2inUl+oH8OSDMR5M/
SdaLqA2Ipuvpp+3u7qzn2zoHSP8m+cEOrdfCZaC613Te2whCi7g0YBWEToNwmPcwrkzj
gfmWX0Rrqrz9dTKco9YZrITp1Rp1BsGmqFkQeVnJTViM0vsaVUd3qrOhs9a2flrtTTXD
UWm9G8sP18joTGecb8HPnns6+9aqDoHHIU4w0fgb6jJkAvksMVRsNNCF9eTrObnecZRC
ofNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1680020957;
h=cc:to:message-id:content-transfer-encoding:mime-version:subject
:date:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=pF7n/Eqo2dEZoKzmZtiE3BnURDQ21G0m3HQyJWfxRsU=;
b=BVoYGXOhvNumgXKH/tRxyu9H8qXCN3rB0Jz9pqbOq2QIeMWDxK3CeC3cEcrQbWc4ah
WenbgjZl17WDBTgxlx5sQcQ0IxJ3zv9D+5BR4UkBgfS3/ndXtF8FV/2XA9zb+aI7JvTt
xK7Tftjuv4lUEwFwXT+67WiZtXKWMc1OV8SJ5QOEgbVvgqiy4fBSoxJgMBR9T6TM6lF0
OurinLo4B8ycRr0xMCoJPaM0+xZs7pfKb7TP+P2hIZMUdBHt1se5g0zuia4N9UgN9R3K
uzrmiN1LeIeRS9LeLAOJJtg0z4ib88CpRDrxEOOiqTZhM08DPjVTWZPM2raWt2I9Felg
XJpw==
X-Gm-Message-State: AAQBX9e1gGPoKXGVqy+50+ig3rk7XSkigRVjWLlRpKZnSt1KeJmwS7PD
/sD0jAwr+tUPXVChxbvwVBnCJg==
X-Received: by 2002:a05:6214:ac4:b0:56e:a791:37c6 with SMTP id
g4-20020a0562140ac400b0056ea79137c6mr31974268qvi.16.1680020957159;
Tue, 28 Mar 2023 09:29:17 -0700 (PDT)
Received: from [172.17.0.3] ([130.44.215.103])
by smtp.gmail.com with ESMTPSA id
mk5-20020a056214580500b005dd8b93459csm3899644qvb.52.2023.03.28.09.29.16
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 28 Mar 2023 09:29:16 -0700 (PDT)
From: Bobby Eshleman <bobby.eshleman@bytedance.com>
Date: Tue, 28 Mar 2023 16:29:09 +0000
Subject: [PATCH net v2] virtio/vsock: fix leaks due to missing skb owner
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <20230327-vsock-fix-leak-v2-1-f6619972dee0@bytedance.com>
X-B4-Tracking: v=1; b=H4sIANQVI2QC/3WOTQ6CMBCFr2Jm7RjaBiGuvIdh0ZapNGhrOqRKC
He3sHHl8v3lewswJU8Ml8MCibJnH0MR8ngAO+hwJ/R90SArqSolG8wc7YjOf/BBekQjLDlRt1L
rFsrIaCY0SQc7bLNfm0eD8R0oba1XouLt2BsEmqAr5uB5imner2SxR/+oWaBA5agndW5EVburm
SfqC5VONj6hW9f1C1Y7DNTbAAAA
To: Stefan Hajnoczi <stefanha@redhat.com>,
Stefano Garzarella <sgarzare@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
Paolo Abeni <pabeni@redhat.com>,
Bobby Eshleman <bobby.eshleman@bytedance.com>
Cc: kvm@vger.kernel.org, virtualization@lists.linux-foundation.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
Cong Wang <xiyou.wangcong@gmail.com>
X-Mailer: b4 0.12.2
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS
autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1761630319391957679?=
X-GMAIL-MSGID: =?utf-8?q?1761630319391957679?=
|
| Series |
[net,v2] virtio/vsock: fix leaks due to missing skb owner
|
|
Commit Message
Bobby Eshleman
March 28, 2023, 4:29 p.m. UTC
This patch sets the skb owner in the recv and send path for virtio.
For the send path, this solves the leak caused when
virtio_transport_purge_skbs() finds skb->sk is always NULL and therefore
never matches it with the current socket. Setting the owner upon
allocation fixes this.
For the recv path, this ensures correctness of accounting and also
correct transfer of ownership in vsock_loopback (when skbs are sent from
one socket and received by another).
Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff")
Signed-off-by: Bobby Eshleman <bobby.eshleman@bytedance.com>
Reported-by: Cong Wang <xiyou.wangcong@gmail.com>
Link: https://lore.kernel.org/all/ZCCbATwov4U+GBUv@pop-os.localdomain/
---
Changes in v2:
- virtio/vsock: add skb_set_owner_r to recv_pkt()
- Link to v1: https://lore.kernel.org/r/20230327-vsock-fix-leak-v1-1-3fede367105f@bytedance.com
---
net/vmw_vsock/virtio_transport_common.c | 5 +++++
1 file changed, 5 insertions(+)
---
base-commit: e5b42483ccce50d5b957f474fd332afd4ef0c27b
change-id: 20230327-vsock-fix-leak-b1cef1582aa8
Best regards,
Comments
On Wed, Mar 29, 2023 at 09:16:19AM +0200, Stefano Garzarella wrote: > On Tue, Mar 28, 2023 at 04:29:09PM +0000, Bobby Eshleman wrote: > > This patch sets the skb owner in the recv and send path for virtio. > > > > For the send path, this solves the leak caused when > > virtio_transport_purge_skbs() finds skb->sk is always NULL and therefore > > never matches it with the current socket. Setting the owner upon > > allocation fixes this. > > > > For the recv path, this ensures correctness of accounting and also > > correct transfer of ownership in vsock_loopback (when skbs are sent from > > one socket and received by another). > > > > Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff") > > Signed-off-by: Bobby Eshleman <bobby.eshleman@bytedance.com> > > Reported-by: Cong Wang <xiyou.wangcong@gmail.com> > > Link: https://lore.kernel.org/all/ZCCbATwov4U+GBUv@pop-os.localdomain/ > > --- > > Changes in v2: > > - virtio/vsock: add skb_set_owner_r to recv_pkt() > > - Link to v1: https://lore.kernel.org/r/20230327-vsock-fix-leak-v1-1-3fede367105f@bytedance.com > > --- > > net/vmw_vsock/virtio_transport_common.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c > > index 957cdc01c8e8..900e5dca05f5 100644 > > --- a/net/vmw_vsock/virtio_transport_common.c > > +++ b/net/vmw_vsock/virtio_transport_common.c > > @@ -94,6 +94,9 @@ virtio_transport_alloc_skb(struct virtio_vsock_pkt_info *info, > > info->op, > > info->flags); > > > > + if (info->vsk) > > + skb_set_owner_w(skb, sk_vsock(info->vsk)); > > + > > return skb; > > > > out: > > @@ -1294,6 +1297,8 @@ void virtio_transport_recv_pkt(struct virtio_transport *t, > > goto free_pkt; > > } > > > > + skb_set_owner_r(skb, sk); > > + > > vsk = vsock_sk(sk); > > > > lock_sock(sk); > > Can you explain why we are using skb_set_owner_w/skb_set_owner_r? > > I'm a little concerned about 2 things: > - skb_set_owner_r() documentation says: "Stream and sequenced > protocols can't normally use this as they need to fit buffers in > and play with them." > - they increment sk_wmem_alloc and sk_rmem_alloc that we never used > (IIRC) > > For the long run, I think we should manage memory better, and using > socket accounting makes sense to me, but since we now have a different > system (which we have been carrying around since the introduction of > vsock), I think this change is a bit risky, especially as a fix. > > So my suggestion is to use skb_set_owner_sk_safe() for now, unless I > missed something about why to use skb_set_owner_w/skb_set_owner_r. > I think that makes sense. I was honestly unaware of skb_set_owner_sk_safe(), but given the reasons you stated and after reading its code, I agree it is a better fit in light of vsock's different accounting scheme. I'll switch it over in v3. Best, Bobby
On Tue, Mar 28, 2023 at 04:29:09PM +0000, Bobby Eshleman wrote: >This patch sets the skb owner in the recv and send path for virtio. > >For the send path, this solves the leak caused when >virtio_transport_purge_skbs() finds skb->sk is always NULL and therefore >never matches it with the current socket. Setting the owner upon >allocation fixes this. > >For the recv path, this ensures correctness of accounting and also >correct transfer of ownership in vsock_loopback (when skbs are sent from >one socket and received by another). > >Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff") >Signed-off-by: Bobby Eshleman <bobby.eshleman@bytedance.com> >Reported-by: Cong Wang <xiyou.wangcong@gmail.com> >Link: https://lore.kernel.org/all/ZCCbATwov4U+GBUv@pop-os.localdomain/ >--- >Changes in v2: >- virtio/vsock: add skb_set_owner_r to recv_pkt() >- Link to v1: https://lore.kernel.org/r/20230327-vsock-fix-leak-v1-1-3fede367105f@bytedance.com >--- > net/vmw_vsock/virtio_transport_common.c | 5 +++++ > 1 file changed, 5 insertions(+) > >diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c >index 957cdc01c8e8..900e5dca05f5 100644 >--- a/net/vmw_vsock/virtio_transport_common.c >+++ b/net/vmw_vsock/virtio_transport_common.c >@@ -94,6 +94,9 @@ virtio_transport_alloc_skb(struct virtio_vsock_pkt_info *info, > info->op, > info->flags); > >+ if (info->vsk) >+ skb_set_owner_w(skb, sk_vsock(info->vsk)); >+ > return skb; > > out: >@@ -1294,6 +1297,8 @@ void virtio_transport_recv_pkt(struct virtio_transport *t, > goto free_pkt; > } > >+ skb_set_owner_r(skb, sk); >+ > vsk = vsock_sk(sk); > > lock_sock(sk); Can you explain why we are using skb_set_owner_w/skb_set_owner_r? I'm a little concerned about 2 things: - skb_set_owner_r() documentation says: "Stream and sequenced protocols can't normally use this as they need to fit buffers in and play with them." - they increment sk_wmem_alloc and sk_rmem_alloc that we never used (IIRC) For the long run, I think we should manage memory better, and using socket accounting makes sense to me, but since we now have a different system (which we have been carrying around since the introduction of vsock), I think this change is a bit risky, especially as a fix. So my suggestion is to use skb_set_owner_sk_safe() for now, unless I missed something about why to use skb_set_owner_w/skb_set_owner_r. Thanks, Stefano
diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c index 957cdc01c8e8..900e5dca05f5 100644 --- a/net/vmw_vsock/virtio_transport_common.c +++ b/net/vmw_vsock/virtio_transport_common.c @@ -94,6 +94,9 @@ virtio_transport_alloc_skb(struct virtio_vsock_pkt_info *info, info->op, info->flags); + if (info->vsk) + skb_set_owner_w(skb, sk_vsock(info->vsk)); + return skb; out: @@ -1294,6 +1297,8 @@ void virtio_transport_recv_pkt(struct virtio_transport *t, goto free_pkt; } + skb_set_owner_r(skb, sk); + vsk = vsock_sk(sk); lock_sock(sk);