linux-ppp.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: David Miller <davem@davemloft.net>
To: vvs@virtuozzo.com
Cc: netdev@vger.kernel.org, steffen.klassert@secunet.com,
	linux-nfs@vger.kernel.org, trond.myklebust@primarydata.com,
	anna.schumaker@netapp.com, courmisch@gmail.com,
	linux-ppp@vger.kernel.org, paulus@samba.org,
	herbert@gondor.apana.org.au, yoshfuji@linux-ipv6.org
Subject: Re: [PATCH v5 00/13] exit_net checks for objects initialized in net_init hook
Date: Tue, 14 Nov 2017 06:47:20 +0000	[thread overview]
Message-ID: <20171114.154720.1071922306148362515.davem@davemloft.net> (raw)
In-Reply-To: <a09a38cb-4aa3-ace5-3e0f-759d14cdef71@virtuozzo.com>

From: Vasily Averin <vvs@virtuozzo.com>
Date: Sun, 12 Nov 2017 22:26:44 +0300

> OpenVz kernel team have a long history of fighting against namespace-related bugs,
> some of them could be prevented by using simple checks described below.
> 
> One of typical errors is related to live cycle of namespaces:
> usually objects created for some namespace should not live longer than namespace itself.
> 
> Such kind of issues can be invisible on usual systems where additional namespaces
> are not used, because initial namespaces usually lives forever and never destroyed.
> 
> However in systems with namespaces it can lead to memory leaks or to use-after-free.
> Both of them are critical for systems with running containers.
> As you knows it's quite hard to find the reason of such issues,
> especially in rarely-triggered scenarios on production nodes on default kernels
> without specially enabled debug settings. Any additional hints can be useful here.
> 
> This patch set should help to detect some of these issues.
> It is based on assumption that objects initialized in init hook of pernet_operations
> should return to initial state until end of exit hook.
> 
> Many drivers and subsystems already have such checks, however I've found number
> of places where list_empty check would be useful at least as smoke test.
> 
> These checks are useful for long-term stable kernels,
> they allows to detect problems related to incomplete or incorrectly
> backported patches.

All applied to net-next except patch #9 and #10 which need to go via the
NFS maintainer.

  reply	other threads:[~2017-11-14  6:47 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <9dfa013e-9098-e155-9c47-a73753338288@virtuozzo.com>
2017-11-12  8:39 ` [PATCH v4 00/18] " Vasily Averin
2017-11-12 19:26   ` [PATCH v5 00/13] " Vasily Averin
2017-11-14  6:47     ` David Miller [this message]
2017-11-12 19:33   ` [PATCH v5 12/13] ppp: exit_net cleanup checks added Vasily Averin
2017-11-12  8:50 ` [PATCH v4 17/18] " Vasily Averin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171114.154720.1071922306148362515.davem@davemloft.net \
    --to=davem@davemloft.net \
    --cc=anna.schumaker@netapp.com \
    --cc=courmisch@gmail.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-nfs@vger.kernel.org \
    --cc=linux-ppp@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=paulus@samba.org \
    --cc=steffen.klassert@secunet.com \
    --cc=trond.myklebust@primarydata.com \
    --cc=vvs@virtuozzo.com \
    --cc=yoshfuji@linux-ipv6.org \
    --subject='Re: [PATCH v5 00/13] exit_net checks for objects initialized in net_init hook' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).