From: Eric Dumazet <eric.dumazet@gmail.com>
To: Mike Kazantsev <mk.fraggod@gmail.com>
Cc: Paul Moore <paul@paul-moore.com>,
netdev@vger.kernel.org, linux-mm@kvack.org
Subject: Re: PROBLEM: Memory leak (at least with SLUB) from "secpath_dup" (xfrm) in 3.5+ kernels
Date: Mon, 22 Oct 2012 17:16:37 +0200 [thread overview]
Message-ID: <1350918997.8609.858.camel@edumazet-glaptop> (raw)
In-Reply-To: <20121022180655.50a50401@sacrilege>
On Mon, 2012-10-22 at 18:06 +0600, Mike Kazantsev wrote:
> On Mon, 22 Oct 2012 10:15:43 +0200
> Eric Dumazet <eric.dumazet@gmail.com> wrote:
>
> > On Mon, 2012-10-22 at 04:58 +0600, Mike Kazantsev wrote:
> >
> > > I've grepped for "/org/free" specifically and sure enough, same scraps
> > > of data seem to be in some of the (varied) dumps there.
> >
> > Content is not meaningful, as we dont initialize it.
> > So you see previous content.
> >
> > Could you try the following :
> >
> ...
>
> With this patch on top of v3.7-rc2 (w/o patches from your previous
> mail), leak seem to be still present.
OK, I believe I found the bug in IPv4 defrag / IPv6 reasm
Please test the following patch.
Thanks !
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index 448e685..0a52771 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -48,6 +48,7 @@
#include <linux/inet.h>
#include <linux/netfilter_ipv4.h>
#include <net/inet_ecn.h>
+#include <net/xfrm.h>
/* NOTE. Logic of IP defragmentation is parallel to corresponding IPv6
* code now. If you change something here, _PLEASE_ update ipv6/reassembly.c
@@ -634,6 +635,7 @@ static int ip_frag_reasm(struct ipq *qp, struct sk_buff *prev,
else if (head->ip_summed == CHECKSUM_COMPLETE)
head->csum = csum_add(head->csum, fp->csum);
+ secpath_reset(fp);
if (skb_try_coalesce(head, fp, &headstolen, &delta)) {
kfree_skb_partial(fp, headstolen);
} else {
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index da8a4e3..4fcc463 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -55,6 +55,7 @@
#include <net/ndisc.h>
#include <net/addrconf.h>
#include <net/inet_frag.h>
+#include <net/xfrm.h>
struct ip6frag_skb_cb
{
@@ -456,6 +457,7 @@ static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *prev,
else if (head->ip_summed == CHECKSUM_COMPLETE)
head->csum = csum_add(head->csum, fp->csum);
+ secpath_reset(fp);
if (skb_try_coalesce(head, fp, &headstolen, &delta)) {
kfree_skb_partial(fp, headstolen);
} else {
WARNING: multiple messages have this Message-ID (diff)
From: Eric Dumazet <eric.dumazet@gmail.com>
To: Mike Kazantsev <mk.fraggod@gmail.com>
Cc: Paul Moore <paul@paul-moore.com>,
netdev@vger.kernel.org, linux-mm@kvack.org
Subject: Re: PROBLEM: Memory leak (at least with SLUB) from "secpath_dup" (xfrm) in 3.5+ kernels
Date: Mon, 22 Oct 2012 17:16:37 +0200 [thread overview]
Message-ID: <1350918997.8609.858.camel@edumazet-glaptop> (raw)
In-Reply-To: <20121022180655.50a50401@sacrilege>
On Mon, 2012-10-22 at 18:06 +0600, Mike Kazantsev wrote:
> On Mon, 22 Oct 2012 10:15:43 +0200
> Eric Dumazet <eric.dumazet@gmail.com> wrote:
>
> > On Mon, 2012-10-22 at 04:58 +0600, Mike Kazantsev wrote:
> >
> > > I've grepped for "/org/free" specifically and sure enough, same scraps
> > > of data seem to be in some of the (varied) dumps there.
> >
> > Content is not meaningful, as we dont initialize it.
> > So you see previous content.
> >
> > Could you try the following :
> >
> ...
>
> With this patch on top of v3.7-rc2 (w/o patches from your previous
> mail), leak seem to be still present.
OK, I believe I found the bug in IPv4 defrag / IPv6 reasm
Please test the following patch.
Thanks !
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index 448e685..0a52771 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -48,6 +48,7 @@
#include <linux/inet.h>
#include <linux/netfilter_ipv4.h>
#include <net/inet_ecn.h>
+#include <net/xfrm.h>
/* NOTE. Logic of IP defragmentation is parallel to corresponding IPv6
* code now. If you change something here, _PLEASE_ update ipv6/reassembly.c
@@ -634,6 +635,7 @@ static int ip_frag_reasm(struct ipq *qp, struct sk_buff *prev,
else if (head->ip_summed == CHECKSUM_COMPLETE)
head->csum = csum_add(head->csum, fp->csum);
+ secpath_reset(fp);
if (skb_try_coalesce(head, fp, &headstolen, &delta)) {
kfree_skb_partial(fp, headstolen);
} else {
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index da8a4e3..4fcc463 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -55,6 +55,7 @@
#include <net/ndisc.h>
#include <net/addrconf.h>
#include <net/inet_frag.h>
+#include <net/xfrm.h>
struct ip6frag_skb_cb
{
@@ -456,6 +457,7 @@ static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *prev,
else if (head->ip_summed == CHECKSUM_COMPLETE)
head->csum = csum_add(head->csum, fp->csum);
+ secpath_reset(fp);
if (skb_try_coalesce(head, fp, &headstolen, &delta)) {
kfree_skb_partial(fp, headstolen);
} else {
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2012-10-22 15:16 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-19 14:50 PROBLEM: Memory leak (at least with SLUB) from "secpath_dup" (xfrm) in 3.5+ kernels Mike Kazantsev
2012-10-19 17:36 ` Mike Kazantsev
2012-10-20 12:42 ` Paul Moore
2012-10-20 14:49 ` Mike Kazantsev
2012-10-20 22:45 ` Mike Kazantsev
2012-10-21 0:24 ` Mike Kazantsev
2012-10-21 13:29 ` Eric Dumazet
2012-10-21 13:29 ` Eric Dumazet
2012-10-21 13:57 ` Mike Kazantsev
2012-10-21 18:43 ` Mike Kazantsev
2012-10-21 19:51 ` Mike Kazantsev
2012-10-21 21:47 ` Eric Dumazet
2012-10-21 21:47 ` Eric Dumazet
2012-10-21 22:58 ` Mike Kazantsev
2012-10-22 8:15 ` Eric Dumazet
2012-10-22 8:15 ` Eric Dumazet
2012-10-22 12:06 ` Mike Kazantsev
2012-10-22 15:16 ` Eric Dumazet [this message]
2012-10-22 15:16 ` Eric Dumazet
2012-10-22 15:22 ` Eric Dumazet
2012-10-22 15:22 ` Eric Dumazet
2012-10-22 15:28 ` Eric Dumazet
2012-10-22 15:28 ` Eric Dumazet
2012-10-22 16:59 ` Mike Kazantsev
2012-10-22 17:24 ` Eric Dumazet
2012-10-22 17:24 ` Eric Dumazet
2012-10-22 19:03 ` [PATCH] net: fix secpath kmemleak Eric Dumazet
2012-10-22 19:03 ` Eric Dumazet
2012-10-22 19:17 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1350918997.8609.858.camel@edumazet-glaptop \
--to=eric.dumazet@gmail.com \
--cc=linux-mm@kvack.org \
--cc=mk.fraggod@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=paul@paul-moore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.