From: Wenbin Zeng <wenbin.zeng@gmail.com>
To: bfields@fieldses.org, viro@zeniv.linux.org.uk, davem@davemloft.net
Cc: jlayton@kernel.org, trond.myklebust@hammerspace.com,
anna.schumaker@netapp.com, wenbinzeng@tencent.com,
dsahern@gmail.com, nicolas.dichtel@6wind.com,
willy@infradead.org, edumazet@google.com,
jakub.kicinski@netronome.com, tyhicks@canonical.com,
chuck.lever@oracle.com, neilb@suse.com,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-nfs@vger.kernel.org
Subject: [PATCH v2 3/3] auth_gss: fix deadlock that blocks rpcsec_gss_exit_net when use-gss-proxy==1
Date: Fri, 10 May 2019 14:36:03 +0800 [thread overview]
Message-ID: <1557470163-30071-4-git-send-email-wenbinzeng@tencent.com> (raw)
In-Reply-To: <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com>
When use-gss-proxy is set to 1, write_gssp() creates a rpc client in
gssp_rpc_create(), this increases netns refcount by 2, these refcounts are
supposed to be released in rpcsec_gss_exit_net(), but it will never happen
because rpcsec_gss_exit_net() is triggered only when netns refcount gets
to 0, specifically:
refcount=0 -> cleanup_net() -> ops_exit_list -> rpcsec_gss_exit_net
It is a deadlock situation here, refcount will never get to 0 unless
rpcsec_gss_exit_net() is called.
This fix introduced a new callback i.e. evict in struct proc_ns_operations,
which is called in nsfs_evict. Moving rpcsec_gss_exit_net to evict path
gives it a chance to get called and avoids the above deadlock situation.
Signed-off-by: Wenbin Zeng <wenbinzeng@tencent.com>
---
net/sunrpc/auth_gss/auth_gss.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 3fd56c0..3e6bd59 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -2136,14 +2136,17 @@ static __net_init int rpcsec_gss_init_net(struct net *net)
return gss_svc_init_net(net);
}
-static __net_exit void rpcsec_gss_exit_net(struct net *net)
+static void rpcsec_gss_evict_net(struct net *net)
{
- gss_svc_shutdown_net(net);
+ struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
+
+ if (sn->gssp_clnt)
+ gss_svc_shutdown_net(net);
}
static struct pernet_operations rpcsec_gss_net_ops = {
.init = rpcsec_gss_init_net,
- .exit = rpcsec_gss_exit_net,
+ .evict = rpcsec_gss_evict_net,
};
/*
--
1.8.3.1
next prev parent reply other threads:[~2019-05-10 6:37 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-01 6:42 [PATCH 0/3] auth_gss: netns refcount leaks when use-gss-proxy==1 Wenbin Zeng
2019-05-01 6:42 ` [PATCH 1/3] nsfs: add evict callback into struct proc_ns_operations Wenbin Zeng
2019-05-02 3:04 ` Al Viro
2019-05-04 16:08 ` Wenbin Zeng
2019-05-01 6:42 ` [PATCH 2/3] netns: add netns_evict into netns_operations Wenbin Zeng
2019-05-04 4:10 ` David Miller
2019-05-01 6:42 ` [PATCH 3/3] auth_gss: fix deadlock that blocks rpcsec_gss_exit_net when use-gss-proxy==1 Wenbin Zeng
2019-05-09 20:52 ` [PATCH 0/3] auth_gss: netns refcount leaks " J. Bruce Fields
2019-05-10 5:09 ` Wenbin Zeng
2019-05-10 6:36 ` [PATCH v2 " Wenbin Zeng
2019-05-10 6:36 ` [PATCH v2 1/3] nsfs: add evict callback into struct proc_ns_operations Wenbin Zeng
2019-05-10 6:36 ` [PATCH v2 2/3] netns: add netns_evict into netns_operations Wenbin Zeng
2019-05-10 22:13 ` David Miller
2019-05-10 6:36 ` Wenbin Zeng [this message]
2019-05-15 1:03 ` [PATCH v2 0/3] auth_gss: netns refcount leaks when use-gss-proxy==1 J. Bruce Fields
2019-06-12 8:37 ` Wenbin Zeng
2019-06-12 15:52 ` J. Bruce Fields
2021-09-07 14:48 ` wanghai (M)
2021-09-08 20:51 ` J. Bruce Fields
2021-09-09 2:52 ` wanghai (M)
2021-09-09 19:52 ` J. Bruce Fields
2019-06-12 12:09 ` [PATCH v3 " Wenbin Zeng
2019-06-12 12:09 ` [PATCH v3 1/3] nsfs: add evict callback into struct proc_ns_operations Wenbin Zeng
2019-06-12 12:09 ` [PATCH v3 2/3] netns: add netns_evict into netns_operations Wenbin Zeng
2019-06-12 12:09 ` [PATCH v3 3/3] auth_gss: fix deadlock that blocks rpcsec_gss_exit_net when use-gss-proxy==1 Wenbin Zeng
2019-08-01 19:53 ` [PATCH v3 0/3] auth_gss: netns refcount leaks " J. Bruce Fields
2021-08-28 11:26 ` wanghai (M)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1557470163-30071-4-git-send-email-wenbinzeng@tencent.com \
--to=wenbin.zeng@gmail.com \
--cc=anna.schumaker@netapp.com \
--cc=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=edumazet@google.com \
--cc=jakub.kicinski@netronome.com \
--cc=jlayton@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=neilb@suse.com \
--cc=netdev@vger.kernel.org \
--cc=nicolas.dichtel@6wind.com \
--cc=trond.myklebust@hammerspace.com \
--cc=tyhicks@canonical.com \
--cc=viro@zeniv.linux.org.uk \
--cc=wenbinzeng@tencent.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.