From patchwork Thu Aug 17 14:54:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lu Wei X-Patchwork-Id: 136022 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp1449685vqi; Fri, 18 Aug 2023 07:39:12 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFtstCuUhx2aU6y7Nc5jIHyKo6TjT3mHl3Je8SSefOfyM+ozScdrJ90TQH1e1NcemI55VOd X-Received: by 2002:a19:5e5c:0:b0:4fe:347d:7c4b with SMTP id z28-20020a195e5c000000b004fe347d7c4bmr1711952lfi.7.1692369552622; Fri, 18 Aug 2023 07:39:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692369552; cv=none; d=google.com; s=arc-20160816; b=VABBIsPcycFBxoCe3hYpYE1BI0fF205zT6Verd/hDiqIKC0FnoM1IPxLyU57L7azJV Jo+4rhlflEE8qa77OKiHDEjh8iuplMb+usoEyJ9S7iZOvF8MxfX+q94IXsRL8GSs71xA 75n4Yqdx+q38KToY76kI6Z056yYOU8IHwfxtjm6cabO+NtF8/wZ+iCaRwGHhOr8p4TH6 eyjPiuwMs6JSG3J+G5pA/mnrPgyEQ6Pco06QMhnQvC94QlZdKmgEL+dVn045cfdy8PBm H+9Sj35k5XOoqgoOfWsNM9UheJOIx9Xa0oIwwqAhs3E0gfRUd/gCKj/d/aoe3K/NeGax ZVQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:to:from; bh=roP8TwCCLHhngn7wFvfjwZfj57bCJe7YtCM1/FpbwlQ=; fh=hl7yw7AHfaq5LgoukrnRdp1u9mPiioHkK3OSPomZzz8=; b=FHc7VFx+ft00bp3WRL9aaaDCMZjWZ9Kpykz9uMcDRv0G+myBGkE+T2B+noiEclzec+ bqbiTE75U/5FXlYaJXSfxXJJLuPrbR2ZalNBU7u2UJ6dofbS37oDFsV5BpHSwWStpHj9 wS6hRGLozLBNOzQxeSi1dCFtnNau0Of2EER36Ip19Ztxuw1cHnT+lNONE0SDGHmBtnmt RL96OLAyEfrS2evKr/jrfksBq8zXJtO9yarkbh7gjL9vWdlD3CwYXyjzupR7UBTlQYM1 cYOowHnCDUbKNiUF3UYlP88hCAdSh1PjOiY4z/yo89cwZO2FTrJILqffQF/xpn26Yqub bUmg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k19-20020a1709065fd300b0099212b34e82si1409366ejv.18.2023.08.18.07.38.40; Fri, 18 Aug 2023 07:39:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1351383AbjHQNeU (ORCPT + 99 others); Thu, 17 Aug 2023 09:34:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43554 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351582AbjHQNeL (ORCPT ); Thu, 17 Aug 2023 09:34:11 -0400 Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDD84114; Thu, 17 Aug 2023 06:34:00 -0700 (PDT) Received: from kwepemi500015.china.huawei.com (unknown [172.30.72.53]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4RRQs26t64zVk4s; Thu, 17 Aug 2023 21:31:50 +0800 (CST) Received: from huawei.com (10.175.101.6) by kwepemi500015.china.huawei.com (7.221.188.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Thu, 17 Aug 2023 21:33:57 +0800 From: Lu Wei To: , , , , , , , , , , Subject: [PATCH net] ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() Date: Thu, 17 Aug 2023 22:54:49 +0800 Message-ID: <20230817145449.141827-1-luwei32@huawei.com> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 X-Originating-IP: [10.175.101.6] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To kwepemi500015.china.huawei.com (7.221.188.92) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774578096096886880 X-GMAIL-MSGID: 1774578096096886880 There are two network devices(veth1 and veth3) in ns1, and ipvlan1 with L3S mode and ipvlan2 with L2 mode are created based on them as figure (1). In this case, ipvlan_register_nf_hook() will be called to register nf hook which is needed by ipvlans in L3S mode in ns1 and value of ipvl_nf_hook_refcnt is set to 1. (1) ns1 ns2 ------------ ------------ veth1--ipvlan1 (L3S) veth3--ipvlan2 (L2) (2) ns1 ns2 ------------ ------------ veth1--ipvlan1 (L3S) ipvlan2 (L2) veth3 | | |------->-------->--------->-------- migrate When veth3 migrates from ns1 to ns2 as figure (2), veth3 will register in ns2 and calls call_netdevice_notifiers with NETDEV_REGISTER event: dev_change_net_namespace call_netdevice_notifiers ipvlan_device_event ipvlan_migrate_l3s_hook ipvlan_register_nf_hook(newnet) (I) ipvlan_unregister_nf_hook(oldnet) (II) In function ipvlan_migrate_l3s_hook(), ipvl_nf_hook_refcnt in ns1 is not 0 since veth1 with ipvlan1 still in ns1, (I) and (II) will be called to register nf_hook in ns2 and unregister nf_hook in ns1. As a result, ipvl_nf_hook_refcnt in ns1 is decreased incorrectly and this in ns2 is increased incorrectly. When the second net namespace is removed, a reference count leak warning in ipvlan_ns_exit() will be triggered. This patch add a check before ipvlan_migrate_l3s_hook() is called. The warning can be triggered as follows: $ ip netns add ns1 $ ip netns add ns2 $ ip netns exec ns1 ip link add veth1 type veth peer name veth2 $ ip netns exec ns1 ip link add veth3 type veth peer name veth4 $ ip netns exec ns1 ip link add ipv1 link veth1 type ipvlan mode l3s $ ip netns exec ns1 ip link add ipv2 link veth3 type ipvlan mode l2 $ ip netns exec ns1 ip link set veth3 netns ns2 $ ip net del ns2 Fixes: 3133822f5ac1 ("ipvlan: use pernet operations and restrict l3s hooks to master netns") Signed-off-by: Lu Wei Reviewed-by: Florian Westphal --- drivers/net/ipvlan/ipvlan_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/net/ipvlan/ipvlan_main.c b/drivers/net/ipvlan/ipvlan_main.c index b15dd9a3ad54..1b55928e89b8 100644 --- a/drivers/net/ipvlan/ipvlan_main.c +++ b/drivers/net/ipvlan/ipvlan_main.c @@ -748,7 +748,8 @@ static int ipvlan_device_event(struct notifier_block *unused, write_pnet(&port->pnet, newnet); - ipvlan_migrate_l3s_hook(oldnet, newnet); + if (port->mode == IPVLAN_MODE_L3S) + ipvlan_migrate_l3s_hook(oldnet, newnet); break; } case NETDEV_UNREGISTER: