linux-ppp.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Vasily Averin <vvs@virtuozzo.com>
To: netdev@vger.kernel.org
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
	linux-nfs@vger.kernel.org,
	Trond Myklebust <trond.myklebust@primarydata.com>,
	Anna Schumaker <anna.schumaker@netapp.com>,
	Remi Denis-Courmont <courmisch@gmail.com>,
	linux-ppp@vger.kernel.org, Paul Mackerras <paulus@samba.org>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Subject: [PATCH v5 00/13] exit_net checks for objects initialized in net_init hook
Date: Sun, 12 Nov 2017 19:26:44 +0000	[thread overview]
Message-ID: <a09a38cb-4aa3-ace5-3e0f-759d14cdef71@virtuozzo.com> (raw)
In-Reply-To: <cb06dace-88a8-fecf-92ad-02920920a0d3@virtuozzo.com>

OpenVz kernel team have a long history of fighting against namespace-related bugs,
some of them could be prevented by using simple checks described below.

One of typical errors is related to live cycle of namespaces:
usually objects created for some namespace should not live longer than namespace itself.

Such kind of issues can be invisible on usual systems where additional namespaces
are not used, because initial namespaces usually lives forever and never destroyed.

However in systems with namespaces it can lead to memory leaks or to use-after-free.
Both of them are critical for systems with running containers.
As you knows it's quite hard to find the reason of such issues,
especially in rarely-triggered scenarios on production nodes on default kernels
without specially enabled debug settings. Any additional hints can be useful here.

This patch set should help to detect some of these issues.
It is based on assumption that objects initialized in init hook of pernet_operations
should return to initial state until end of exit hook.

Many drivers and subsystems already have such checks, however I've found number
of places where list_empty check would be useful at least as smoke test.

These checks are useful for long-term stable kernels,
they allows to detect problems related to incomplete or incorrectly
backported patches.

Changes:
v5:
- fixed nit pointed by Florian Westphal
- netfilter patches are send separately to netfilter-devel@

v4:
- excluded grace and lockd patches taken by Bruce Fields
- let's use WARN_ON_ONCE without any extra messages
   adobriyan@ is right, output of net Id gives nothing to host admin,
   and developers in any case will extract information from core dump
- updated description in cover letter
- dropped nfs4blocklayout patch: waitqueue check does not look useful
- patches was reordered to be per-subsystem grouped
- cover letter should be sent to all people included into cc: of any patches
- minor cosmetic changes in some patches

v3:
- use net->ns.inum as net Id
- removed patches for hashlimit and recent,
    they handle tables list in exit_net hook.
- added patches for grace and lockd

v2:
- net pointer removed from output
- fixed compilation for phonet driver


Vasily Averin (13):
  af_key: replace BUG_ON on WARN_ON in net_exit hook
  geneve: exit_net cleanup check added
  packet: exit_net cleanup check added
  vxlan: exit_net cleanup checks added
  netdev: exit_net cleanup check added
  fib_notifier: exit_net cleanup check added
  fib_rules: exit_net cleanup check added
  l2tp: exit_net cleanup check added
  nfs client: exit_net cleanup check added
  sunrpc: exit_net cleanup check added
  phonet: exit_net cleanup check added
  ppp: exit_net cleanup checks added
  xfrm6_tunnel: exit_net cleanup check added

 drivers/net/geneve.c          | 1 +
 drivers/net/ppp/ppp_generic.c | 2 ++
 drivers/net/vxlan.c           | 4 ++++
 fs/nfs/inode.c                | 4 ++++
 net/core/dev.c                | 2 ++
 net/core/fib_notifier.c       | 6 ++++++
 net/core/fib_rules.c          | 6 ++++++
 net/ipv6/xfrm6_tunnel.c       | 8 ++++++++
 net/key/af_key.c              | 2 +-
 net/l2tp/l2tp_core.c          | 4 ++++
 net/packet/af_packet.c        | 1 +
 net/phonet/pn_dev.c           | 3 +++
 net/sunrpc/sunrpc_syms.c      | 3 +++
 13 files changed, 45 insertions(+), 1 deletion(-)

-- 
2.7.4


  reply	other threads:[~2017-11-12 19:26 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <9dfa013e-9098-e155-9c47-a73753338288@virtuozzo.com>
2017-11-12  8:39 ` [PATCH v4 00/18] " Vasily Averin
2017-11-12 19:26   ` Vasily Averin [this message]
2017-11-14  6:47     ` [PATCH v5 00/13] " David Miller
2017-11-12 19:33   ` [PATCH v5 12/13] ppp: exit_net cleanup checks added Vasily Averin
2017-11-12  8:50 ` [PATCH v4 17/18] " Vasily Averin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a09a38cb-4aa3-ace5-3e0f-759d14cdef71@virtuozzo.com \
    --to=vvs@virtuozzo.com \
    --cc=anna.schumaker@netapp.com \
    --cc=courmisch@gmail.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-nfs@vger.kernel.org \
    --cc=linux-ppp@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=paulus@samba.org \
    --cc=steffen.klassert@secunet.com \
    --cc=trond.myklebust@primarydata.com \
    --cc=yoshfuji@linux-ipv6.org \
    --subject='Re: [PATCH v5 00/13] exit_net checks for objects initialized in net_init hook' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).