Re: [PATCH] net: Convert net_mutex into rw_semaphore and down read it on net->init/->exit

From: ebiederm@xmission.com (Eric W. Biederman)
To: Kirill Tkhai <ktkhai@virtuozzo.com>
Cc: Cong Wang <xiyou.wangcong@gmail.com>,
	David Miller <davem@davemloft.net>,
	vyasevic@redhat.com, kstewart@linuxfoundation.org,
	pombredanne@nexb.com, Vladislav Yasevich <vyasevich@gmail.com>,
	mark.rutland@arm.com, Greg KH <gregkh@linuxfoundation.org>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Florian Westphal <fw@strlen.de>,
	Nicolas Dichtel <nicolas.dichtel@6wind.com>,
	roman.kapl@sysgo.com, Paul Moore <paul@paul-moore.com>,
	David Ahern <dsahern@gmail.com>,
	Daniel Borkmann <daniel@iogearbox.net>,
	lucien xin <lucien.xin@gmail.com>,
	Matthias Schiffer <mschiffer@universe-factory.net>,
	rshearma@brocade.com, LKML <linux-kernel@vger.kernel.org>,
	Linux Kernel Network Developers <netdev@vger.kernel.org>,
	avagin@virtuozzo.com, gorcunov@virtuozzo.com
Subject: Re: [PATCH] net: Convert net_mutex into rw_semaphore and down read it on net->init/->exit
Date: Wed, 15 Nov 2017 10:31:11 -0600	[thread overview]
Message-ID: <87r2sz33n4.fsf@xmission.com> (raw)
In-Reply-To: <06b1d740-d443-ac23-a7b0-675e7b6ff6f9@virtuozzo.com> (Kirill Tkhai's message of "Wed, 15 Nov 2017 15:36:34 +0300")

Kirill Tkhai <ktkhai@virtuozzo.com> writes:

> On 15.11.2017 12:51, Kirill Tkhai wrote:
>> On 15.11.2017 06:19, Eric W. Biederman wrote:
>>> Kirill Tkhai <ktkhai@virtuozzo.com> writes:
>>>
>>>> On 14.11.2017 21:39, Cong Wang wrote:
>>>>> On Tue, Nov 14, 2017 at 5:53 AM, Kirill Tkhai <ktkhai@virtuozzo.com> wrote:
>>>>>> @@ -406,7 +406,7 @@ struct net *copy_net_ns(unsigned long flags,
>>>>>>
>>>>>>         get_user_ns(user_ns);
>>>>>>
>>>>>> -       rv = mutex_lock_killable(&net_mutex);
>>>>>> +       rv = down_read_killable(&net_sem);
>>>>>>         if (rv < 0) {
>>>>>>                 net_free(net);
>>>>>>                 dec_net_namespaces(ucounts);
>>>>>> @@ -421,7 +421,7 @@ struct net *copy_net_ns(unsigned long flags,
>>>>>>                 list_add_tail_rcu(&net->list, &net_namespace_list);
>>>>>>                 rtnl_unlock();
>>>>>>         }
>>>>>> -       mutex_unlock(&net_mutex);
>>>>>> +       up_read(&net_sem);
>>>>>>         if (rv < 0) {
>>>>>>                 dec_net_namespaces(ucounts);
>>>>>>                 put_user_ns(user_ns);
>>>>>> @@ -446,7 +446,7 @@ static void cleanup_net(struct work_struct *work)
>>>>>>         list_replace_init(&cleanup_list, &net_kill_list);
>>>>>>         spin_unlock_irq(&cleanup_list_lock);
>>>>>>
>>>>>> -       mutex_lock(&net_mutex);
>>>>>> +       down_read(&net_sem);
>>>>>>
>>>>>>         /* Don't let anyone else find us. */
>>>>>>         rtnl_lock();
>>>>>> @@ -486,7 +486,7 @@ static void cleanup_net(struct work_struct *work)
>>>>>>         list_for_each_entry_reverse(ops, &pernet_list, list)
>>>>>>                 ops_free_list(ops, &net_exit_list);
>>>>>>
>>>>>> -       mutex_unlock(&net_mutex);
>>>>>> +       up_read(&net_sem);
>>>>>
>>>>> After your patch setup_net() could run concurrently with cleanup_net(),
>>>>> given that ops_exit_list() is called on error path of setup_net() too,
>>>>> it means ops->exit() now could run concurrently if it doesn't have its
>>>>> own lock. Not sure if this breaks any existing user.
>>>>
>>>> Yes, there will be possible concurrent ops->init() for a net namespace,
>>>> and ops->exit() for another one. I hadn't found pernet operations, which
>>>> have a problem with that. If they exist, they are hidden and not clear seen.
>>>> The pernet operations in general do not touch someone else's memory.
>>>> If suddenly there is one, KASAN should show it after a while.
>>>
>>> Certainly the use of hash tables shared between multiple network
>>> namespaces would count.  I don't rembmer how many of these we have but
>>> there used to be quite a few.
>> 
>> Could you please provide an example of hash tables, you mean?
>
> Ah, I see, it's dccp_hashinfo etc.

The big one used to be the route cache.  With resizable hash tables
things may be getting better in that regard.

Eric