* [GIT PULL net] IPVS
@ 2011-10-11 1:54 Simon Horman
2011-10-11 1:54 ` [PATCH] IPVS netns shutdown/startup dead-lock Simon Horman
0 siblings, 1 reply; 11+ messages in thread
From: Simon Horman @ 2011-10-11 1:54 UTC (permalink / raw)
To: Patrick McHardy, Pablo Neira Ayuso
Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang,
Julian Anastasov, David Miller
Hi Pablo, Hi Dave,
please consider the following change which is based on Dave's net tree.
The following changes since commit 3ee72ca99288f1de95ec9c570e43f531c8799f06:
Merge git://github.com/davem330/net (2011-10-06 16:15:10 -0700)
are available in the git repository at:
git@github.com:horms/ipvs.git master
Hans Schillstrom (1):
IPVS netns shutdown/startup dead-lock
include/net/ip_vs.h | 1 +
net/netfilter/ipvs/ip_vs_ctl.c | 131 ++++++++++++++++++++++++---------------
net/netfilter/ipvs/ip_vs_sync.c | 6 ++
3 files changed, 87 insertions(+), 51 deletions(-)
^ permalink raw reply [flat|nested] 11+ messages in thread* [PATCH] IPVS netns shutdown/startup dead-lock 2011-10-11 1:54 [GIT PULL net] IPVS Simon Horman @ 2011-10-11 1:54 ` Simon Horman 2011-10-12 16:33 ` Pablo Neira Ayuso 0 siblings, 1 reply; 11+ messages in thread From: Simon Horman @ 2011-10-11 1:54 UTC (permalink / raw) To: Patrick McHardy, Pablo Neira Ayuso Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, David Miller, Hans Schillstrom, Simon Horman From: Hans Schillstrom <hans@schillstrom.com> ip_vs_mutext is used by both netns shutdown code and startup and both implicit uses sk_lock-AF_INET mutex. cleanup CPU-1 startup CPU-2 ip_vs_dst_event() ip_vs_genl_set_cmd() sk_lock-AF_INET __ip_vs_mutex sk_lock-AF_INET __ip_vs_mutex * DEAD LOCK * A new mutex placed in ip_vs netns struct called sync_mutex is added. Comments from Julian and Simon added. This patch has been running for more than 3 month now and it seems to work. Ver. 3 IP_VS_SO_GET_DAEMON in do_ip_vs_get_ctl protected by sync_mutex instead of __ip_vs_mutex as sugested by Julian. Signed-off-by: Hans Schillstrom <hans@schillstrom.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> --- include/net/ip_vs.h | 1 + net/netfilter/ipvs/ip_vs_ctl.c | 131 ++++++++++++++++++++++++--------------- net/netfilter/ipvs/ip_vs_sync.c | 6 ++ 3 files changed, 87 insertions(+), 51 deletions(-) diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 1aaf915..8fa4430 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -900,6 +900,7 @@ struct netns_ipvs { volatile int sync_state; volatile int master_syncid; volatile int backup_syncid; + struct mutex sync_mutex; /* multicast interface name */ char master_mcast_ifn[IP_VS_IFNAME_MAXLEN]; char backup_mcast_ifn[IP_VS_IFNAME_MAXLEN]; diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 5290ac3..e3be48b 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -2283,6 +2283,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len) struct ip_vs_service *svc; struct ip_vs_dest_user *udest_compat; struct ip_vs_dest_user_kern udest; + struct netns_ipvs *ipvs = net_ipvs(net); if (!capable(CAP_NET_ADMIN)) return -EPERM; @@ -2303,6 +2304,24 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len) /* increase the module use count */ ip_vs_use_count_inc(); + /* Handle daemons since they have another lock */ + if (cmd == IP_VS_SO_SET_STARTDAEMON || + cmd == IP_VS_SO_SET_STOPDAEMON) { + struct ip_vs_daemon_user *dm = (struct ip_vs_daemon_user *)arg; + + if (mutex_lock_interruptible(&ipvs->sync_mutex)) { + ret = -ERESTARTSYS; + goto out_dec; + } + if (cmd == IP_VS_SO_SET_STARTDAEMON) + ret = start_sync_thread(net, dm->state, dm->mcast_ifn, + dm->syncid); + else + ret = stop_sync_thread(net, dm->state); + mutex_unlock(&ipvs->sync_mutex); + goto out_dec; + } + if (mutex_lock_interruptible(&__ip_vs_mutex)) { ret = -ERESTARTSYS; goto out_dec; @@ -2316,15 +2335,6 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len) /* Set timeout values for (tcp tcpfin udp) */ ret = ip_vs_set_timeout(net, (struct ip_vs_timeout_user *)arg); goto out_unlock; - } else if (cmd == IP_VS_SO_SET_STARTDAEMON) { - struct ip_vs_daemon_user *dm = (struct ip_vs_daemon_user *)arg; - ret = start_sync_thread(net, dm->state, dm->mcast_ifn, - dm->syncid); - goto out_unlock; - } else if (cmd == IP_VS_SO_SET_STOPDAEMON) { - struct ip_vs_daemon_user *dm = (struct ip_vs_daemon_user *)arg; - ret = stop_sync_thread(net, dm->state); - goto out_unlock; } usvc_compat = (struct ip_vs_service_user *)arg; @@ -2584,6 +2594,33 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) if (copy_from_user(arg, user, copylen) != 0) return -EFAULT; + /* + * Handle daemons first since it has its own locking + */ + if (cmd == IP_VS_SO_GET_DAEMON) { + struct ip_vs_daemon_user d[2]; + + memset(&d, 0, sizeof(d)); + if (mutex_lock_interruptible(&ipvs->sync_mutex)) + return -ERESTARTSYS; + + if (ipvs->sync_state & IP_VS_STATE_MASTER) { + d[0].state = IP_VS_STATE_MASTER; + strlcpy(d[0].mcast_ifn, ipvs->master_mcast_ifn, + sizeof(d[0].mcast_ifn)); + d[0].syncid = ipvs->master_syncid; + } + if (ipvs->sync_state & IP_VS_STATE_BACKUP) { + d[1].state = IP_VS_STATE_BACKUP; + strlcpy(d[1].mcast_ifn, ipvs->backup_mcast_ifn, + sizeof(d[1].mcast_ifn)); + d[1].syncid = ipvs->backup_syncid; + } + if (copy_to_user(user, &d, sizeof(d)) != 0) + ret = -EFAULT; + mutex_unlock(&ipvs->sync_mutex); + return ret; + } if (mutex_lock_interruptible(&__ip_vs_mutex)) return -ERESTARTSYS; @@ -2681,28 +2718,6 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) } break; - case IP_VS_SO_GET_DAEMON: - { - struct ip_vs_daemon_user d[2]; - - memset(&d, 0, sizeof(d)); - if (ipvs->sync_state & IP_VS_STATE_MASTER) { - d[0].state = IP_VS_STATE_MASTER; - strlcpy(d[0].mcast_ifn, ipvs->master_mcast_ifn, - sizeof(d[0].mcast_ifn)); - d[0].syncid = ipvs->master_syncid; - } - if (ipvs->sync_state & IP_VS_STATE_BACKUP) { - d[1].state = IP_VS_STATE_BACKUP; - strlcpy(d[1].mcast_ifn, ipvs->backup_mcast_ifn, - sizeof(d[1].mcast_ifn)); - d[1].syncid = ipvs->backup_syncid; - } - if (copy_to_user(user, &d, sizeof(d)) != 0) - ret = -EFAULT; - } - break; - default: ret = -EINVAL; } @@ -3205,7 +3220,7 @@ static int ip_vs_genl_dump_daemons(struct sk_buff *skb, struct net *net = skb_sknet(skb); struct netns_ipvs *ipvs = net_ipvs(net); - mutex_lock(&__ip_vs_mutex); + mutex_lock(&ipvs->sync_mutex); if ((ipvs->sync_state & IP_VS_STATE_MASTER) && !cb->args[0]) { if (ip_vs_genl_dump_daemon(skb, IP_VS_STATE_MASTER, ipvs->master_mcast_ifn, @@ -3225,7 +3240,7 @@ static int ip_vs_genl_dump_daemons(struct sk_buff *skb, } nla_put_failure: - mutex_unlock(&__ip_vs_mutex); + mutex_unlock(&ipvs->sync_mutex); return skb->len; } @@ -3271,13 +3286,9 @@ static int ip_vs_genl_set_config(struct net *net, struct nlattr **attrs) return ip_vs_set_timeout(net, &t); } -static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info) +static int ip_vs_genl_set_daemon(struct sk_buff *skb, struct genl_info *info) { - struct ip_vs_service *svc = NULL; - struct ip_vs_service_user_kern usvc; - struct ip_vs_dest_user_kern udest; int ret = 0, cmd; - int need_full_svc = 0, need_full_dest = 0; struct net *net; struct netns_ipvs *ipvs; @@ -3285,19 +3296,10 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info) ipvs = net_ipvs(net); cmd = info->genlhdr->cmd; - mutex_lock(&__ip_vs_mutex); - - if (cmd == IPVS_CMD_FLUSH) { - ret = ip_vs_flush(net); - goto out; - } else if (cmd == IPVS_CMD_SET_CONFIG) { - ret = ip_vs_genl_set_config(net, info->attrs); - goto out; - } else if (cmd == IPVS_CMD_NEW_DAEMON || - cmd == IPVS_CMD_DEL_DAEMON) { - + if (cmd == IPVS_CMD_NEW_DAEMON || cmd == IPVS_CMD_DEL_DAEMON) { struct nlattr *daemon_attrs[IPVS_DAEMON_ATTR_MAX + 1]; + mutex_lock(&ipvs->sync_mutex); if (!info->attrs[IPVS_CMD_ATTR_DAEMON] || nla_parse_nested(daemon_attrs, IPVS_DAEMON_ATTR_MAX, info->attrs[IPVS_CMD_ATTR_DAEMON], @@ -3310,6 +3312,33 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info) ret = ip_vs_genl_new_daemon(net, daemon_attrs); else ret = ip_vs_genl_del_daemon(net, daemon_attrs); +out: + mutex_unlock(&ipvs->sync_mutex); + } + return ret; +} + +static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info) +{ + struct ip_vs_service *svc = NULL; + struct ip_vs_service_user_kern usvc; + struct ip_vs_dest_user_kern udest; + int ret = 0, cmd; + int need_full_svc = 0, need_full_dest = 0; + struct net *net; + struct netns_ipvs *ipvs; + + net = skb_sknet(skb); + ipvs = net_ipvs(net); + cmd = info->genlhdr->cmd; + + mutex_lock(&__ip_vs_mutex); + + if (cmd == IPVS_CMD_FLUSH) { + ret = ip_vs_flush(net); + goto out; + } else if (cmd == IPVS_CMD_SET_CONFIG) { + ret = ip_vs_genl_set_config(net, info->attrs); goto out; } else if (cmd == IPVS_CMD_ZERO && !info->attrs[IPVS_CMD_ATTR_SERVICE]) { @@ -3536,13 +3565,13 @@ static struct genl_ops ip_vs_genl_ops[] __read_mostly = { .cmd = IPVS_CMD_NEW_DAEMON, .flags = GENL_ADMIN_PERM, .policy = ip_vs_cmd_policy, - .doit = ip_vs_genl_set_cmd, + .doit = ip_vs_genl_set_daemon, }, { .cmd = IPVS_CMD_DEL_DAEMON, .flags = GENL_ADMIN_PERM, .policy = ip_vs_cmd_policy, - .doit = ip_vs_genl_set_cmd, + .doit = ip_vs_genl_set_daemon, }, { .cmd = IPVS_CMD_GET_DAEMON, diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 7ee7215..3cdd479 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c @@ -61,6 +61,7 @@ #define SYNC_PROTO_VER 1 /* Protocol version in header */ +static struct lock_class_key __ipvs_sync_key; /* * IPVS sync connection entry * Version 0, i.e. original version. @@ -1545,6 +1546,7 @@ int start_sync_thread(struct net *net, int state, char *mcast_ifn, __u8 syncid) IP_VS_DBG(7, "Each ip_vs_sync_conn entry needs %Zd bytes\n", sizeof(struct ip_vs_sync_conn_v0)); + if (state == IP_VS_STATE_MASTER) { if (ipvs->master_thread) return -EEXIST; @@ -1667,6 +1669,7 @@ int __net_init ip_vs_sync_net_init(struct net *net) { struct netns_ipvs *ipvs = net_ipvs(net); + __mutex_init(&ipvs->sync_mutex, "ipvs->sync_mutex", &__ipvs_sync_key); INIT_LIST_HEAD(&ipvs->sync_queue); spin_lock_init(&ipvs->sync_lock); spin_lock_init(&ipvs->sync_buff_lock); @@ -1680,7 +1683,9 @@ int __net_init ip_vs_sync_net_init(struct net *net) void ip_vs_sync_net_cleanup(struct net *net) { int retc; + struct netns_ipvs *ipvs = net_ipvs(net); + mutex_lock(&ipvs->sync_mutex); retc = stop_sync_thread(net, IP_VS_STATE_MASTER); if (retc && retc != -ESRCH) pr_err("Failed to stop Master Daemon\n"); @@ -1688,4 +1693,5 @@ void ip_vs_sync_net_cleanup(struct net *net) retc = stop_sync_thread(net, IP_VS_STATE_BACKUP); if (retc && retc != -ESRCH) pr_err("Failed to stop Backup Daemon\n"); + mutex_unlock(&ipvs->sync_mutex); } -- 1.7.6.3 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] IPVS netns shutdown/startup dead-lock 2011-10-11 1:54 ` [PATCH] IPVS netns shutdown/startup dead-lock Simon Horman @ 2011-10-12 16:33 ` Pablo Neira Ayuso 0 siblings, 0 replies; 11+ messages in thread From: Pablo Neira Ayuso @ 2011-10-12 16:33 UTC (permalink / raw) To: Simon Horman Cc: Patrick McHardy, lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, David Miller, Hans Schillstrom On Tue, Oct 11, 2011 at 10:54:35AM +0900, Simon Horman wrote: > From: Hans Schillstrom <hans@schillstrom.com> > > ip_vs_mutext is used by both netns shutdown code and startup > and both implicit uses sk_lock-AF_INET mutex. > > cleanup CPU-1 startup CPU-2 > ip_vs_dst_event() ip_vs_genl_set_cmd() > sk_lock-AF_INET __ip_vs_mutex > sk_lock-AF_INET > __ip_vs_mutex > * DEAD LOCK * > > A new mutex placed in ip_vs netns struct called sync_mutex is added. > > Comments from Julian and Simon added. > This patch has been running for more than 3 month now and it seems to work. > > Ver. 3 > IP_VS_SO_GET_DAEMON in do_ip_vs_get_ctl protected by sync_mutex > instead of __ip_vs_mutex as sugested by Julian. Applied, thanks Simon. http://1984.lsi.us.es/git/?p=net/.git;a=shortlog;h=refs/heads/nf ^ permalink raw reply [flat|nested] 11+ messages in thread
* [GIT PULL net] IPVS
@ 2012-04-23 12:17 Simon Horman
2012-04-23 12:44 ` Simon Horman
0 siblings, 1 reply; 11+ messages in thread
From: Simon Horman @ 2012-04-23 12:17 UTC (permalink / raw)
To: Pablo Neira Ayuso
Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang,
Julian Anastasov, Sasha Levin
Hi Pablo,
please consider the following two changes for 3.4. They are from Sasha
Levin and resolve bugs on initialisation failure in IPVS.
The following changes since commit 6ba900676bec8baaf61aa2f85b7345c0e65774d9:
netfilter: nf_conntrack: fix incorrect logic in nf_conntrack_init_net (2012-04-10 13:00:38 +0200)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git master
for you to fetch changes up to eb93daa9396acdcb9aea47ef125a60228f174deb:
netfilter: ipvs: use GFP_KERNEL allocation where possible (2012-04-23 17:00:52 +0900)
----------------------------------------------------------------
Sasha Levin (2):
netfilter: ipvs: Verify that IP_VS protocol has been registered
netfilter: ipvs: use GFP_KERNEL allocation where possible
net/netfilter/ipvs/ip_vs_proto.c | 29 +++++++++++++++++++----------
1 file changed, 19 insertions(+), 10 deletions(-)
^ permalink raw reply [flat|nested] 11+ messages in thread* Re: [GIT PULL net] IPVS 2012-04-23 12:17 [GIT PULL net] IPVS Simon Horman @ 2012-04-23 12:44 ` Simon Horman 0 siblings, 0 replies; 11+ messages in thread From: Simon Horman @ 2012-04-23 12:44 UTC (permalink / raw) To: Pablo Neira Ayuso Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Sasha Levin On Mon, Apr 23, 2012 at 09:17:06PM +0900, Simon Horman wrote: > Hi Pablo, > > please consider the following two changes for 3.4. They are from Sasha > Levin and resolve bugs on initialisation failure in IPVS. > Sorry, could you please ignore this. I will repost a fresh pull request shortly. ^ permalink raw reply [flat|nested] 11+ messages in thread
* [GIT PULL net] IPVS
@ 2012-04-27 0:53 Simon Horman
2012-04-30 9:27 ` Pablo Neira Ayuso
0 siblings, 1 reply; 11+ messages in thread
From: Simon Horman @ 2012-04-27 0:53 UTC (permalink / raw)
To: Pablo Neira Ayuso
Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang,
Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer
Hi Pablo,
please consider the following 5 changes for 3.4, they are all bug fixes.
I would also like these changes considered for stable.
The following changes since commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7:
ipvs: fix crash in ip_vs_control_net_cleanup on unload (2012-04-25 11:16:30 +0200)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git master
for you to fetch changes up to 1c3dc0f92d127d3fdefa84c7ef629b070bf8d32c:
ipvs: kernel oops - do_ip_vs_get_ctl (2012-04-26 18:04:31 +0900)
----------------------------------------------------------------
Hans Schillstrom (3):
ipvs: null check of net->ipvs in lblc(r) shedulers
ipvs: take care of return value from protocol init_netns
ipvs: kernel oops - do_ip_vs_get_ctl
Julian Anastasov (2):
ipvs: add check in ftp for initialized core
ipvs: reset ipvs pointer in netns
include/net/ip_vs.h | 4 ++-
net/netfilter/ipvs/ip_vs_core.c | 11 +++++++
net/netfilter/ipvs/ip_vs_ctl.c | 52 +++++++++++++++++++--------------
net/netfilter/ipvs/ip_vs_ftp.c | 2 ++
net/netfilter/ipvs/ip_vs_lblc.c | 3 ++
net/netfilter/ipvs/ip_vs_lblcr.c | 3 ++
net/netfilter/ipvs/ip_vs_proto.c | 11 +++++--
net/netfilter/ipvs/ip_vs_proto_sctp.c | 5 +++-
net/netfilter/ipvs/ip_vs_proto_tcp.c | 5 +++-
net/netfilter/ipvs/ip_vs_proto_udp.c | 5 +++-
10 files changed, 73 insertions(+), 28 deletions(-)
^ permalink raw reply [flat|nested] 11+ messages in thread* Re: [GIT PULL net] IPVS 2012-04-27 0:53 Simon Horman @ 2012-04-30 9:27 ` Pablo Neira Ayuso 2012-07-10 9:20 ` Simon Horman 0 siblings, 1 reply; 11+ messages in thread From: Pablo Neira Ayuso @ 2012-04-30 9:27 UTC (permalink / raw) To: Simon Horman Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer On Fri, Apr 27, 2012 at 09:53:54AM +0900, Simon Horman wrote: > Hi Pablo, > > please consider the following 5 changes for 3.4, they are all bug fixes. > I would also like these changes considered for stable. Please, ping me again once these have hit Linus tree to ask for -stable submission. > The following changes since commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7: > > ipvs: fix crash in ip_vs_control_net_cleanup on unload (2012-04-25 11:16:30 +0200) > > are available in the git repository at: > > git://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git master > > for you to fetch changes up to 1c3dc0f92d127d3fdefa84c7ef629b070bf8d32c: > > ipvs: kernel oops - do_ip_vs_get_ctl (2012-04-26 18:04:31 +0900) Pulled and pushed out, thanks Simon et al! ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL net] IPVS 2012-04-30 9:27 ` Pablo Neira Ayuso @ 2012-07-10 9:20 ` Simon Horman 2012-07-10 13:05 ` Pablo Neira Ayuso 0 siblings, 1 reply; 11+ messages in thread From: Simon Horman @ 2012-07-10 9:20 UTC (permalink / raw) To: Pablo Neira Ayuso Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer On Mon, Apr 30, 2012 at 11:27:22AM +0200, Pablo Neira Ayuso wrote: > On Fri, Apr 27, 2012 at 09:53:54AM +0900, Simon Horman wrote: > > Hi Pablo, > > > > please consider the following 5 changes for 3.4, they are all bug fixes. > > I would also like these changes considered for stable. > > Please, ping me again once these have hit Linus tree to ask for > -stable submission. Sorry for letting this slip through the cracks. Please consider the following commits which are in Linus's tree for stable. Or I can submit them directly if that is easier. There are 7 patches listed below. The first 5 were the patches in this pull request. The last two were patches in a git pull request a few days earlier. commit 8537de8a7ab6681cc72fb0411ab1ba7fdba62dd0 Author: Hans Schillstrom <hans.schillstrom@ericsson.com> Date: Thu Apr 26 07:47:44 2012 +0200 ipvs: kernel oops - do_ip_vs_get_ctl Change order of init so netns init is ready when register ioctl and netlink. Ver2 Whitespace fixes and __init added. Reported-by: "Ryan O'Hara" <rohara@redhat.com> Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> Signed-off-by: Simon Horman <horms@verge.net.au> commit 582b8e3eadaec77788c1aa188081a8d5059c42a6 Author: Hans Schillstrom <hans.schillstrom@ericsson.com> Date: Thu Apr 26 09:45:35 2012 +0200 ipvs: take care of return value from protocol init_netns ip_vs_create_timeout_table() can return NULL All functions protocol init_netns is affected of this patch. Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> commit 4b984cd50bc1b6d492175cd77bfabb78e76ffa67 Author: Hans Schillstrom <hans.schillstrom@ericsson.com> Date: Thu Apr 26 09:45:34 2012 +0200 ipvs: null check of net->ipvs in lblc(r) shedulers Avoid crash when registering shedulers after the IPVS core initialization for netns fails. Do this by checking for present core (net->ipvs). Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> commit 39f618b4fd95ae243d940ec64c961009c74e3333 Author: Julian Anastasov <ja@ssi.bg> Date: Wed Apr 25 00:29:58 2012 +0300 ipvs: reset ipvs pointer in netns Make sure net->ipvs is reset on netns cleanup or failed initialization. It is needed for IPVS applications to know that IPVS core is not loaded in netns. Signed-off-by: Julian Anastasov <ja@ssi.bg> Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Signed-off-by: Simon Horman <horms@verge.net.au> commit 8d08d71ce59438a6ef06be5db07966e0c144b74e Author: Julian Anastasov <ja@ssi.bg> Date: Wed Apr 25 00:29:59 2012 +0300 ipvs: add check in ftp for initialized core Avoid crash when registering ip_vs_ftp after the IPVS core initialization for netns fails. Do this by checking for present core (net->ipvs). Signed-off-by: Julian Anastasov <ja@ssi.bg> Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Signed-off-by: Simon Horman <horms@verge.net.au> commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7 Author: Julian Anastasov <ja@ssi.bg> Date: Fri Apr 13 18:08:43 2012 +0300 ipvs: fix crash in ip_vs_control_net_cleanup on unload commit 14e405461e664b777e2a5636e10b2ebf36a686ec (2.6.39) ("Add __ip_vs_control_{init,cleanup}_sysctl()") introduced regression due to wrong __net_init for __ip_vs_control_cleanup_sysctl. This leads to crash when the ip_vs module is unloaded. Fix it by changing __net_init to __net_exit for the function that is already renamed to ip_vs_control_net_cleanup_sysctl. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Hans Schillstrom <hans@schillstrom.com> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> commit 7118c07a844d367560ee91adb2071bde2fabcdbf Author: Sasha Levin <levinsasha928@gmail.com> Date: Sat Apr 14 12:37:46 2012 -0400 ipvs: Verify that IP_VS protocol has been registered The registration of a protocol might fail, there were no checks and all registrations were assumed to be correct. This lead to NULL ptr dereferences when apps tried registering. For example: [ 1293.226051] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018 [ 1293.227038] IP: [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 [ 1293.227038] PGD 391de067 PUD 6c20b067 PMD 0 [ 1293.227038] Oops: 0000 [#1] PREEMPT SMP [ 1293.227038] CPU 1 [ 1293.227038] Pid: 19609, comm: trinity Tainted: G W 3.4.0-rc1-next-20120405-sasha-dirty #57 [ 1293.227038] RIP: 0010:[<ffffffff822aacb0>] [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 [ 1293.227038] RSP: 0018:ffff880038c1dd18 EFLAGS: 00010286 [ 1293.227038] RAX: ffffffffffffffc0 RBX: 0000000000001500 RCX: 0000000000010000 [ 1293.227038] RDX: 0000000000000000 RSI: ffff88003a2d5888 RDI: 0000000000000282 [ 1293.227038] RBP: ffff880038c1dd48 R08: 0000000000000000 R09: 0000000000000000 [ 1293.227038] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003a2d5668 [ 1293.227038] R13: ffff88003a2d5988 R14: ffff8800696a8ff8 R15: 0000000000000000 [ 1293.227038] FS: 00007f01930d9700(0000) GS:ffff88007ce00000(0000) knlGS:0000000000000000 [ 1293.227038] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b [ 1293.227038] CR2: 0000000000000018 CR3: 0000000065dfc000 CR4: 00000000000406e0 [ 1293.227038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1293.227038] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1293.227038] Process trinity (pid: 19609, threadinfo ffff880038c1c000, task ffff88002dc73000) [ 1293.227038] Stack: [ 1293.227038] ffff880038c1dd48 00000000fffffff4 ffff8800696aada0 ffff8800694f5580 [ 1293.227038] ffffffff8369f1e0 0000000000001500 ffff880038c1dd98 ffffffff822a716b [ 1293.227038] 0000000000000000 ffff8800696a8ff8 0000000000000015 ffff8800694f5580 [ 1293.227038] Call Trace: [ 1293.227038] [<ffffffff822a716b>] ip_vs_app_inc_new+0xdb/0x180 [ 1293.227038] [<ffffffff822a7258>] register_ip_vs_app_inc+0x48/0x70 [ 1293.227038] [<ffffffff822b2fea>] __ip_vs_ftp_init+0xba/0x140 [ 1293.227038] [<ffffffff821c9060>] ops_init+0x80/0x90 [ 1293.227038] [<ffffffff821c90cb>] setup_net+0x5b/0xe0 [ 1293.227038] [<ffffffff821c9416>] copy_net_ns+0x76/0x100 [ 1293.227038] [<ffffffff810dc92b>] create_new_namespaces+0xfb/0x190 [ 1293.227038] [<ffffffff810dca21>] unshare_nsproxy_namespaces+0x61/0x80 [ 1293.227038] [<ffffffff810afd1f>] sys_unshare+0xff/0x290 [ 1293.227038] [<ffffffff8187622e>] ? trace_hardirqs_on_thunk+0x3a/0x3f [ 1293.227038] [<ffffffff82665539>] system_call_fastpath+0x16/0x1b [ 1293.227038] Code: 89 c7 e8 34 91 3b 00 89 de 66 c1 ee 04 31 de 83 e6 0f 48 83 c6 22 48 c1 e6 04 4a 8b 14 26 49 8d 34 34 48 8d 42 c0 48 39 d6 74 13 <66> 39 58 58 74 22 48 8b 48 40 48 8d 41 c0 48 39 ce 75 ed 49 8d [ 1293.227038] RIP [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 [ 1293.227038] RSP <ffff880038c1dd18> [ 1293.227038] CR2: 0000000000000018 [ 1293.379284] ---[ end trace 364ab40c7011a009 ]--- [ 1293.381182] Kernel panic - not syncing: Fatal exception in interrupt Signed-off-by: Sasha Levin <levinsasha928@gmail.com> Acked-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL net] IPVS 2012-07-10 9:20 ` Simon Horman @ 2012-07-10 13:05 ` Pablo Neira Ayuso 2012-07-17 10:15 ` Pablo Neira Ayuso 0 siblings, 1 reply; 11+ messages in thread From: Pablo Neira Ayuso @ 2012-07-10 13:05 UTC (permalink / raw) To: Simon Horman Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer Hi Simon, On Tue, Jul 10, 2012 at 06:20:03PM +0900, Simon Horman wrote: > On Mon, Apr 30, 2012 at 11:27:22AM +0200, Pablo Neira Ayuso wrote: > > On Fri, Apr 27, 2012 at 09:53:54AM +0900, Simon Horman wrote: > > > Hi Pablo, > > > > > > please consider the following 5 changes for 3.4, they are all bug fixes. > > > I would also like these changes considered for stable. > > > > Please, ping me again once these have hit Linus tree to ask for > > -stable submission. > > Sorry for letting this slip through the cracks. > > Please consider the following commits which are in Linus's tree for stable. > Or I can submit them directly if that is easier. > > There are 7 patches listed below. The first 5 were the patches in this > pull request. The last two were patches in a git pull request > a few days earlier. That's fine, I can make it, but you have to include what stable releases this will be applied, eg. patch 1 to releases 3.4 and 3.2. I think -stable maintainers will ask for that. > commit 8537de8a7ab6681cc72fb0411ab1ba7fdba62dd0 > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > Date: Thu Apr 26 07:47:44 2012 +0200 > > ipvs: kernel oops - do_ip_vs_get_ctl > > Change order of init so netns init is ready > when register ioctl and netlink. > > Ver2 > Whitespace fixes and __init added. > > Reported-by: "Ryan O'Hara" <rohara@redhat.com> > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > Acked-by: Julian Anastasov <ja@ssi.bg> > Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> > Signed-off-by: Simon Horman <horms@verge.net.au> > > commit 582b8e3eadaec77788c1aa188081a8d5059c42a6 > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > Date: Thu Apr 26 09:45:35 2012 +0200 > > ipvs: take care of return value from protocol init_netns > > ip_vs_create_timeout_table() can return NULL > All functions protocol init_netns is affected of this patch. > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > Acked-by: Julian Anastasov <ja@ssi.bg> > Signed-off-by: Simon Horman <horms@verge.net.au> > > commit 4b984cd50bc1b6d492175cd77bfabb78e76ffa67 > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > Date: Thu Apr 26 09:45:34 2012 +0200 > > ipvs: null check of net->ipvs in lblc(r) shedulers > > Avoid crash when registering shedulers after > the IPVS core initialization for netns fails. Do this by > checking for present core (net->ipvs). > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > Acked-by: Julian Anastasov <ja@ssi.bg> > Signed-off-by: Simon Horman <horms@verge.net.au> > > commit 39f618b4fd95ae243d940ec64c961009c74e3333 > Author: Julian Anastasov <ja@ssi.bg> > Date: Wed Apr 25 00:29:58 2012 +0300 > > ipvs: reset ipvs pointer in netns > > Make sure net->ipvs is reset on netns cleanup or failed > initialization. It is needed for IPVS applications to know that > IPVS core is not loaded in netns. > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > Signed-off-by: Simon Horman <horms@verge.net.au> > > commit 8d08d71ce59438a6ef06be5db07966e0c144b74e > Author: Julian Anastasov <ja@ssi.bg> > Date: Wed Apr 25 00:29:59 2012 +0300 > > ipvs: add check in ftp for initialized core > > Avoid crash when registering ip_vs_ftp after > the IPVS core initialization for netns fails. Do this by > checking for present core (net->ipvs). > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > Signed-off-by: Simon Horman <horms@verge.net.au> > > commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7 > Author: Julian Anastasov <ja@ssi.bg> > Date: Fri Apr 13 18:08:43 2012 +0300 > > ipvs: fix crash in ip_vs_control_net_cleanup on unload > > commit 14e405461e664b777e2a5636e10b2ebf36a686ec (2.6.39) > ("Add __ip_vs_control_{init,cleanup}_sysctl()") > introduced regression due to wrong __net_init for > __ip_vs_control_cleanup_sysctl. This leads to crash when > the ip_vs module is unloaded. > > Fix it by changing __net_init to __net_exit for > the function that is already renamed to ip_vs_control_net_cleanup_sysctl. > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > Signed-off-by: Hans Schillstrom <hans@schillstrom.com> > Signed-off-by: Simon Horman <horms@verge.net.au> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > > commit 7118c07a844d367560ee91adb2071bde2fabcdbf > Author: Sasha Levin <levinsasha928@gmail.com> > Date: Sat Apr 14 12:37:46 2012 -0400 > > ipvs: Verify that IP_VS protocol has been registered > > The registration of a protocol might fail, there were no checks > and all registrations were assumed to be correct. This lead to > NULL ptr dereferences when apps tried registering. > > For example: > > [ 1293.226051] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018 > [ 1293.227038] IP: [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > [ 1293.227038] PGD 391de067 PUD 6c20b067 PMD 0 > [ 1293.227038] Oops: 0000 [#1] PREEMPT SMP > [ 1293.227038] CPU 1 > [ 1293.227038] Pid: 19609, comm: trinity Tainted: G W 3.4.0-rc1-next-20120405-sasha-dirty #57 > [ 1293.227038] RIP: 0010:[<ffffffff822aacb0>] [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > [ 1293.227038] RSP: 0018:ffff880038c1dd18 EFLAGS: 00010286 > [ 1293.227038] RAX: ffffffffffffffc0 RBX: 0000000000001500 RCX: 0000000000010000 > [ 1293.227038] RDX: 0000000000000000 RSI: ffff88003a2d5888 RDI: 0000000000000282 > [ 1293.227038] RBP: ffff880038c1dd48 R08: 0000000000000000 R09: 0000000000000000 > [ 1293.227038] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003a2d5668 > [ 1293.227038] R13: ffff88003a2d5988 R14: ffff8800696a8ff8 R15: 0000000000000000 > [ 1293.227038] FS: 00007f01930d9700(0000) GS:ffff88007ce00000(0000) knlGS:0000000000000000 > [ 1293.227038] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > [ 1293.227038] CR2: 0000000000000018 CR3: 0000000065dfc000 CR4: 00000000000406e0 > [ 1293.227038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [ 1293.227038] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 > [ 1293.227038] Process trinity (pid: 19609, threadinfo ffff880038c1c000, task ffff88002dc73000) > [ 1293.227038] Stack: > [ 1293.227038] ffff880038c1dd48 00000000fffffff4 ffff8800696aada0 ffff8800694f5580 > [ 1293.227038] ffffffff8369f1e0 0000000000001500 ffff880038c1dd98 ffffffff822a716b > [ 1293.227038] 0000000000000000 ffff8800696a8ff8 0000000000000015 ffff8800694f5580 > [ 1293.227038] Call Trace: > [ 1293.227038] [<ffffffff822a716b>] ip_vs_app_inc_new+0xdb/0x180 > [ 1293.227038] [<ffffffff822a7258>] register_ip_vs_app_inc+0x48/0x70 > [ 1293.227038] [<ffffffff822b2fea>] __ip_vs_ftp_init+0xba/0x140 > [ 1293.227038] [<ffffffff821c9060>] ops_init+0x80/0x90 > [ 1293.227038] [<ffffffff821c90cb>] setup_net+0x5b/0xe0 > [ 1293.227038] [<ffffffff821c9416>] copy_net_ns+0x76/0x100 > [ 1293.227038] [<ffffffff810dc92b>] create_new_namespaces+0xfb/0x190 > [ 1293.227038] [<ffffffff810dca21>] unshare_nsproxy_namespaces+0x61/0x80 > [ 1293.227038] [<ffffffff810afd1f>] sys_unshare+0xff/0x290 > [ 1293.227038] [<ffffffff8187622e>] ? trace_hardirqs_on_thunk+0x3a/0x3f > [ 1293.227038] [<ffffffff82665539>] system_call_fastpath+0x16/0x1b > [ 1293.227038] Code: 89 c7 e8 34 91 3b 00 89 de 66 c1 ee 04 31 de 83 e6 0f 48 83 c6 22 48 c1 e6 04 4a 8b 14 26 49 8d 34 34 48 8d 42 c0 48 39 d6 74 13 <66> 39 58 58 74 22 48 8b 48 40 48 8d 41 c0 48 39 ce 75 ed 49 8d > [ 1293.227038] RIP [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > [ 1293.227038] RSP <ffff880038c1dd18> > [ 1293.227038] CR2: 0000000000000018 > [ 1293.379284] ---[ end trace 364ab40c7011a009 ]--- > [ 1293.381182] Kernel panic - not syncing: Fatal exception in interrupt > > Signed-off-by: Sasha Levin <levinsasha928@gmail.com> > Acked-by: Julian Anastasov <ja@ssi.bg> > Signed-off-by: Simon Horman <horms@verge.net.au> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL net] IPVS 2012-07-10 13:05 ` Pablo Neira Ayuso @ 2012-07-17 10:15 ` Pablo Neira Ayuso 2012-07-18 0:01 ` Simon Horman 0 siblings, 1 reply; 11+ messages in thread From: Pablo Neira Ayuso @ 2012-07-17 10:15 UTC (permalink / raw) To: Simon Horman Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer On Tue, Jul 10, 2012 at 03:05:03PM +0200, Pablo Neira Ayuso wrote: > Hi Simon, > > On Tue, Jul 10, 2012 at 06:20:03PM +0900, Simon Horman wrote: > > On Mon, Apr 30, 2012 at 11:27:22AM +0200, Pablo Neira Ayuso wrote: > > > On Fri, Apr 27, 2012 at 09:53:54AM +0900, Simon Horman wrote: > > > > Hi Pablo, > > > > > > > > please consider the following 5 changes for 3.4, they are all bug fixes. > > > > I would also like these changes considered for stable. > > > > > > Please, ping me again once these have hit Linus tree to ask for > > > -stable submission. > > > > Sorry for letting this slip through the cracks. > > > > Please consider the following commits which are in Linus's tree for stable. > > Or I can submit them directly if that is easier. > > > > There are 7 patches listed below. The first 5 were the patches in this > > pull request. The last two were patches in a git pull request > > a few days earlier. > > That's fine, I can make it, but you have to include what stable > releases this will be applied, eg. patch 1 to releases 3.4 and 3.2. > > I think -stable maintainers will ask for that. Ping? > > commit 8537de8a7ab6681cc72fb0411ab1ba7fdba62dd0 > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Date: Thu Apr 26 07:47:44 2012 +0200 > > > > ipvs: kernel oops - do_ip_vs_get_ctl > > > > Change order of init so netns init is ready > > when register ioctl and netlink. > > > > Ver2 > > Whitespace fixes and __init added. > > > > Reported-by: "Ryan O'Hara" <rohara@redhat.com> > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Acked-by: Julian Anastasov <ja@ssi.bg> > > Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > commit 582b8e3eadaec77788c1aa188081a8d5059c42a6 > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Date: Thu Apr 26 09:45:35 2012 +0200 > > > > ipvs: take care of return value from protocol init_netns > > > > ip_vs_create_timeout_table() can return NULL > > All functions protocol init_netns is affected of this patch. > > > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Acked-by: Julian Anastasov <ja@ssi.bg> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > commit 4b984cd50bc1b6d492175cd77bfabb78e76ffa67 > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Date: Thu Apr 26 09:45:34 2012 +0200 > > > > ipvs: null check of net->ipvs in lblc(r) shedulers > > > > Avoid crash when registering shedulers after > > the IPVS core initialization for netns fails. Do this by > > checking for present core (net->ipvs). > > > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Acked-by: Julian Anastasov <ja@ssi.bg> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > commit 39f618b4fd95ae243d940ec64c961009c74e3333 > > Author: Julian Anastasov <ja@ssi.bg> > > Date: Wed Apr 25 00:29:58 2012 +0300 > > > > ipvs: reset ipvs pointer in netns > > > > Make sure net->ipvs is reset on netns cleanup or failed > > initialization. It is needed for IPVS applications to know that > > IPVS core is not loaded in netns. > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > commit 8d08d71ce59438a6ef06be5db07966e0c144b74e > > Author: Julian Anastasov <ja@ssi.bg> > > Date: Wed Apr 25 00:29:59 2012 +0300 > > > > ipvs: add check in ftp for initialized core > > > > Avoid crash when registering ip_vs_ftp after > > the IPVS core initialization for netns fails. Do this by > > checking for present core (net->ipvs). > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7 > > Author: Julian Anastasov <ja@ssi.bg> > > Date: Fri Apr 13 18:08:43 2012 +0300 > > > > ipvs: fix crash in ip_vs_control_net_cleanup on unload > > > > commit 14e405461e664b777e2a5636e10b2ebf36a686ec (2.6.39) > > ("Add __ip_vs_control_{init,cleanup}_sysctl()") > > introduced regression due to wrong __net_init for > > __ip_vs_control_cleanup_sysctl. This leads to crash when > > the ip_vs module is unloaded. > > > > Fix it by changing __net_init to __net_exit for > > the function that is already renamed to ip_vs_control_net_cleanup_sysctl. > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > Signed-off-by: Hans Schillstrom <hans@schillstrom.com> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > > > > commit 7118c07a844d367560ee91adb2071bde2fabcdbf > > Author: Sasha Levin <levinsasha928@gmail.com> > > Date: Sat Apr 14 12:37:46 2012 -0400 > > > > ipvs: Verify that IP_VS protocol has been registered > > > > The registration of a protocol might fail, there were no checks > > and all registrations were assumed to be correct. This lead to > > NULL ptr dereferences when apps tried registering. > > > > For example: > > > > [ 1293.226051] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018 > > [ 1293.227038] IP: [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > [ 1293.227038] PGD 391de067 PUD 6c20b067 PMD 0 > > [ 1293.227038] Oops: 0000 [#1] PREEMPT SMP > > [ 1293.227038] CPU 1 > > [ 1293.227038] Pid: 19609, comm: trinity Tainted: G W 3.4.0-rc1-next-20120405-sasha-dirty #57 > > [ 1293.227038] RIP: 0010:[<ffffffff822aacb0>] [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > [ 1293.227038] RSP: 0018:ffff880038c1dd18 EFLAGS: 00010286 > > [ 1293.227038] RAX: ffffffffffffffc0 RBX: 0000000000001500 RCX: 0000000000010000 > > [ 1293.227038] RDX: 0000000000000000 RSI: ffff88003a2d5888 RDI: 0000000000000282 > > [ 1293.227038] RBP: ffff880038c1dd48 R08: 0000000000000000 R09: 0000000000000000 > > [ 1293.227038] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003a2d5668 > > [ 1293.227038] R13: ffff88003a2d5988 R14: ffff8800696a8ff8 R15: 0000000000000000 > > [ 1293.227038] FS: 00007f01930d9700(0000) GS:ffff88007ce00000(0000) knlGS:0000000000000000 > > [ 1293.227038] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > > [ 1293.227038] CR2: 0000000000000018 CR3: 0000000065dfc000 CR4: 00000000000406e0 > > [ 1293.227038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > > [ 1293.227038] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 > > [ 1293.227038] Process trinity (pid: 19609, threadinfo ffff880038c1c000, task ffff88002dc73000) > > [ 1293.227038] Stack: > > [ 1293.227038] ffff880038c1dd48 00000000fffffff4 ffff8800696aada0 ffff8800694f5580 > > [ 1293.227038] ffffffff8369f1e0 0000000000001500 ffff880038c1dd98 ffffffff822a716b > > [ 1293.227038] 0000000000000000 ffff8800696a8ff8 0000000000000015 ffff8800694f5580 > > [ 1293.227038] Call Trace: > > [ 1293.227038] [<ffffffff822a716b>] ip_vs_app_inc_new+0xdb/0x180 > > [ 1293.227038] [<ffffffff822a7258>] register_ip_vs_app_inc+0x48/0x70 > > [ 1293.227038] [<ffffffff822b2fea>] __ip_vs_ftp_init+0xba/0x140 > > [ 1293.227038] [<ffffffff821c9060>] ops_init+0x80/0x90 > > [ 1293.227038] [<ffffffff821c90cb>] setup_net+0x5b/0xe0 > > [ 1293.227038] [<ffffffff821c9416>] copy_net_ns+0x76/0x100 > > [ 1293.227038] [<ffffffff810dc92b>] create_new_namespaces+0xfb/0x190 > > [ 1293.227038] [<ffffffff810dca21>] unshare_nsproxy_namespaces+0x61/0x80 > > [ 1293.227038] [<ffffffff810afd1f>] sys_unshare+0xff/0x290 > > [ 1293.227038] [<ffffffff8187622e>] ? trace_hardirqs_on_thunk+0x3a/0x3f > > [ 1293.227038] [<ffffffff82665539>] system_call_fastpath+0x16/0x1b > > [ 1293.227038] Code: 89 c7 e8 34 91 3b 00 89 de 66 c1 ee 04 31 de 83 e6 0f 48 83 c6 22 48 c1 e6 04 4a 8b 14 26 49 8d 34 34 48 8d 42 c0 48 39 d6 74 13 <66> 39 58 58 74 22 48 8b 48 40 48 8d 41 c0 48 39 ce 75 ed 49 8d > > [ 1293.227038] RIP [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > [ 1293.227038] RSP <ffff880038c1dd18> > > [ 1293.227038] CR2: 0000000000000018 > > [ 1293.379284] ---[ end trace 364ab40c7011a009 ]--- > > [ 1293.381182] Kernel panic - not syncing: Fatal exception in interrupt > > > > Signed-off-by: Sasha Levin <levinsasha928@gmail.com> > > Acked-by: Julian Anastasov <ja@ssi.bg> > > Signed-off-by: Simon Horman <horms@verge.net.au> > > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > > ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL net] IPVS 2012-07-17 10:15 ` Pablo Neira Ayuso @ 2012-07-18 0:01 ` Simon Horman 0 siblings, 0 replies; 11+ messages in thread From: Simon Horman @ 2012-07-18 0:01 UTC (permalink / raw) To: Pablo Neira Ayuso Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov, Hans Schillstrom, Jesper Dangaard Brouer On Tue, Jul 17, 2012 at 12:15:31PM +0200, Pablo Neira Ayuso wrote: > On Tue, Jul 10, 2012 at 03:05:03PM +0200, Pablo Neira Ayuso wrote: > > Hi Simon, > > > > On Tue, Jul 10, 2012 at 06:20:03PM +0900, Simon Horman wrote: > > > On Mon, Apr 30, 2012 at 11:27:22AM +0200, Pablo Neira Ayuso wrote: > > > > On Fri, Apr 27, 2012 at 09:53:54AM +0900, Simon Horman wrote: > > > > > Hi Pablo, > > > > > > > > > > please consider the following 5 changes for 3.4, they are all bug fixes. > > > > > I would also like these changes considered for stable. > > > > > > > > Please, ping me again once these have hit Linus tree to ask for > > > > -stable submission. > > > > > > Sorry for letting this slip through the cracks. > > > > > > Please consider the following commits which are in Linus's tree for stable. > > > Or I can submit them directly if that is easier. > > > > > > There are 7 patches listed below. The first 5 were the patches in this > > > pull request. The last two were patches in a git pull request > > > a few days earlier. > > > > That's fine, I can make it, but you have to include what stable > > releases this will be applied, eg. patch 1 to releases 3.4 and 3.2. > > > > I think -stable maintainers will ask for that. > > Ping? Sorry, I haven't got to this yet. > > > commit 8537de8a7ab6681cc72fb0411ab1ba7fdba62dd0 > > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Date: Thu Apr 26 07:47:44 2012 +0200 > > > > > > ipvs: kernel oops - do_ip_vs_get_ctl > > > > > > Change order of init so netns init is ready > > > when register ioctl and netlink. > > > > > > Ver2 > > > Whitespace fixes and __init added. > > > > > > Reported-by: "Ryan O'Hara" <rohara@redhat.com> > > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Acked-by: Julian Anastasov <ja@ssi.bg> > > > Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > > > commit 582b8e3eadaec77788c1aa188081a8d5059c42a6 > > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Date: Thu Apr 26 09:45:35 2012 +0200 > > > > > > ipvs: take care of return value from protocol init_netns > > > > > > ip_vs_create_timeout_table() can return NULL > > > All functions protocol init_netns is affected of this patch. > > > > > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Acked-by: Julian Anastasov <ja@ssi.bg> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > > > commit 4b984cd50bc1b6d492175cd77bfabb78e76ffa67 > > > Author: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Date: Thu Apr 26 09:45:34 2012 +0200 > > > > > > ipvs: null check of net->ipvs in lblc(r) shedulers > > > > > > Avoid crash when registering shedulers after > > > the IPVS core initialization for netns fails. Do this by > > > checking for present core (net->ipvs). > > > > > > Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Acked-by: Julian Anastasov <ja@ssi.bg> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > > > commit 39f618b4fd95ae243d940ec64c961009c74e3333 > > > Author: Julian Anastasov <ja@ssi.bg> > > > Date: Wed Apr 25 00:29:58 2012 +0300 > > > > > > ipvs: reset ipvs pointer in netns > > > > > > Make sure net->ipvs is reset on netns cleanup or failed > > > initialization. It is needed for IPVS applications to know that > > > IPVS core is not loaded in netns. > > > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > > > commit 8d08d71ce59438a6ef06be5db07966e0c144b74e > > > Author: Julian Anastasov <ja@ssi.bg> > > > Date: Wed Apr 25 00:29:59 2012 +0300 > > > > > > ipvs: add check in ftp for initialized core > > > > > > Avoid crash when registering ip_vs_ftp after > > > the IPVS core initialization for netns fails. Do this by > > > checking for present core (net->ipvs). > > > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > > Acked-by: Hans Schillstrom <hans.schillstrom@ericsson.com> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > > > > commit 8f9b9a2fad47af27e14b037395e03cd8278d96d7 > > > Author: Julian Anastasov <ja@ssi.bg> > > > Date: Fri Apr 13 18:08:43 2012 +0300 > > > > > > ipvs: fix crash in ip_vs_control_net_cleanup on unload > > > > > > commit 14e405461e664b777e2a5636e10b2ebf36a686ec (2.6.39) > > > ("Add __ip_vs_control_{init,cleanup}_sysctl()") > > > introduced regression due to wrong __net_init for > > > __ip_vs_control_cleanup_sysctl. This leads to crash when > > > the ip_vs module is unloaded. > > > > > > Fix it by changing __net_init to __net_exit for > > > the function that is already renamed to ip_vs_control_net_cleanup_sysctl. > > > > > > Signed-off-by: Julian Anastasov <ja@ssi.bg> > > > Signed-off-by: Hans Schillstrom <hans@schillstrom.com> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > > > > > > commit 7118c07a844d367560ee91adb2071bde2fabcdbf > > > Author: Sasha Levin <levinsasha928@gmail.com> > > > Date: Sat Apr 14 12:37:46 2012 -0400 > > > > > > ipvs: Verify that IP_VS protocol has been registered > > > > > > The registration of a protocol might fail, there were no checks > > > and all registrations were assumed to be correct. This lead to > > > NULL ptr dereferences when apps tried registering. > > > > > > For example: > > > > > > [ 1293.226051] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018 > > > [ 1293.227038] IP: [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > > [ 1293.227038] PGD 391de067 PUD 6c20b067 PMD 0 > > > [ 1293.227038] Oops: 0000 [#1] PREEMPT SMP > > > [ 1293.227038] CPU 1 > > > [ 1293.227038] Pid: 19609, comm: trinity Tainted: G W 3.4.0-rc1-next-20120405-sasha-dirty #57 > > > [ 1293.227038] RIP: 0010:[<ffffffff822aacb0>] [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > > [ 1293.227038] RSP: 0018:ffff880038c1dd18 EFLAGS: 00010286 > > > [ 1293.227038] RAX: ffffffffffffffc0 RBX: 0000000000001500 RCX: 0000000000010000 > > > [ 1293.227038] RDX: 0000000000000000 RSI: ffff88003a2d5888 RDI: 0000000000000282 > > > [ 1293.227038] RBP: ffff880038c1dd48 R08: 0000000000000000 R09: 0000000000000000 > > > [ 1293.227038] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003a2d5668 > > > [ 1293.227038] R13: ffff88003a2d5988 R14: ffff8800696a8ff8 R15: 0000000000000000 > > > [ 1293.227038] FS: 00007f01930d9700(0000) GS:ffff88007ce00000(0000) knlGS:0000000000000000 > > > [ 1293.227038] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > > > [ 1293.227038] CR2: 0000000000000018 CR3: 0000000065dfc000 CR4: 00000000000406e0 > > > [ 1293.227038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > > > [ 1293.227038] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 > > > [ 1293.227038] Process trinity (pid: 19609, threadinfo ffff880038c1c000, task ffff88002dc73000) > > > [ 1293.227038] Stack: > > > [ 1293.227038] ffff880038c1dd48 00000000fffffff4 ffff8800696aada0 ffff8800694f5580 > > > [ 1293.227038] ffffffff8369f1e0 0000000000001500 ffff880038c1dd98 ffffffff822a716b > > > [ 1293.227038] 0000000000000000 ffff8800696a8ff8 0000000000000015 ffff8800694f5580 > > > [ 1293.227038] Call Trace: > > > [ 1293.227038] [<ffffffff822a716b>] ip_vs_app_inc_new+0xdb/0x180 > > > [ 1293.227038] [<ffffffff822a7258>] register_ip_vs_app_inc+0x48/0x70 > > > [ 1293.227038] [<ffffffff822b2fea>] __ip_vs_ftp_init+0xba/0x140 > > > [ 1293.227038] [<ffffffff821c9060>] ops_init+0x80/0x90 > > > [ 1293.227038] [<ffffffff821c90cb>] setup_net+0x5b/0xe0 > > > [ 1293.227038] [<ffffffff821c9416>] copy_net_ns+0x76/0x100 > > > [ 1293.227038] [<ffffffff810dc92b>] create_new_namespaces+0xfb/0x190 > > > [ 1293.227038] [<ffffffff810dca21>] unshare_nsproxy_namespaces+0x61/0x80 > > > [ 1293.227038] [<ffffffff810afd1f>] sys_unshare+0xff/0x290 > > > [ 1293.227038] [<ffffffff8187622e>] ? trace_hardirqs_on_thunk+0x3a/0x3f > > > [ 1293.227038] [<ffffffff82665539>] system_call_fastpath+0x16/0x1b > > > [ 1293.227038] Code: 89 c7 e8 34 91 3b 00 89 de 66 c1 ee 04 31 de 83 e6 0f 48 83 c6 22 48 c1 e6 04 4a 8b 14 26 49 8d 34 34 48 8d 42 c0 48 39 d6 74 13 <66> 39 58 58 74 22 48 8b 48 40 48 8d 41 c0 48 39 ce 75 ed 49 8d > > > [ 1293.227038] RIP [<ffffffff822aacb0>] tcp_register_app+0x60/0xb0 > > > [ 1293.227038] RSP <ffff880038c1dd18> > > > [ 1293.227038] CR2: 0000000000000018 > > > [ 1293.379284] ---[ end trace 364ab40c7011a009 ]--- > > > [ 1293.381182] Kernel panic - not syncing: Fatal exception in interrupt > > > > > > Signed-off-by: Sasha Levin <levinsasha928@gmail.com> > > > Acked-by: Julian Anastasov <ja@ssi.bg> > > > Signed-off-by: Simon Horman <horms@verge.net.au> > > > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > > > > ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2012-07-18 0:01 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2011-10-11 1:54 [GIT PULL net] IPVS Simon Horman 2011-10-11 1:54 ` [PATCH] IPVS netns shutdown/startup dead-lock Simon Horman 2011-10-12 16:33 ` Pablo Neira Ayuso 2012-04-23 12:17 [GIT PULL net] IPVS Simon Horman 2012-04-23 12:44 ` Simon Horman 2012-04-27 0:53 Simon Horman 2012-04-30 9:27 ` Pablo Neira Ayuso 2012-07-10 9:20 ` Simon Horman 2012-07-10 13:05 ` Pablo Neira Ayuso 2012-07-17 10:15 ` Pablo Neira Ayuso 2012-07-18 0:01 ` Simon Horman
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.