netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/2] net: sit: Unregister catch-all devices
@ 2021-04-12 17:41 Hristo Venev
  2021-04-12 17:41 ` [PATCH 2/2] net: ip6_tunnel: " Hristo Venev
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Hristo Venev @ 2021-04-12 17:41 UTC (permalink / raw)
  To: David S . Miller, Jakub Kicinski; +Cc: netdev, Hristo Venev

A sit interface created without a local or a remote address is linked
into the `sit_net::tunnels_wc` list of its original namespace. When
deleting a network namespace, delete the devices that have been moved.

The following script triggers a null pointer dereference if devices
linked in a deleted `sit_net` remain:

    for i in `seq 1 30`; do
        ip netns add ns-test
        ip netns exec ns-test ip link add dev veth0 type veth peer veth1
        ip netns exec ns-test ip link add dev sit$i type sit dev veth0
        ip netns exec ns-test ip link set dev sit$i netns $$
        ip netns del ns-test
    done
    for i in `seq 1 30`; do
        ip link del dev sit$i
    done

Fixes: 5e6700b3bf98f ("sit: add support of x-netns")
Signed-off-by: Hristo Venev <hristo@venev.name>
---
 net/ipv6/sit.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 63ccd9f2dccc..9fdccf0718b5 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -1867,9 +1867,9 @@ static void __net_exit sit_destroy_tunnels(struct net *net,
 		if (dev->rtnl_link_ops == &sit_link_ops)
 			unregister_netdevice_queue(dev, head);
 
-	for (prio = 1; prio < 4; prio++) {
+	for (prio = 0; prio < 4; prio++) {
 		int h;
-		for (h = 0; h < IP6_SIT_HASH_SIZE; h++) {
+		for (h = 0; h < (prio ? IP6_SIT_HASH_SIZE : 1); h++) {
 			struct ip_tunnel *t;
 
 			t = rtnl_dereference(sitn->tunnels[prio][h]);
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] net: ip6_tunnel: Unregister catch-all devices
  2021-04-12 17:41 [PATCH 1/2] net: sit: Unregister catch-all devices Hristo Venev
@ 2021-04-12 17:41 ` Hristo Venev
  2021-04-13 21:40 ` [PATCH 1/2] net: sit: " patchwork-bot+netdevbpf
  2021-04-21  8:33 ` Nicolas Dichtel
  2 siblings, 0 replies; 4+ messages in thread
From: Hristo Venev @ 2021-04-12 17:41 UTC (permalink / raw)
  To: David S . Miller, Jakub Kicinski; +Cc: netdev, Hristo Venev

Similarly to the sit case, we need to remove the tunnels with no
addresses that have been moved to another network namespace.

Fixes: 0bd8762824e73 ("ip6tnl: add x-netns support")
Signed-off-by: Hristo Venev <hristo@venev.name>
---
 net/ipv6/ip6_tunnel.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 3fa0eca5a06f..42fe7db6bbb3 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -2244,6 +2244,16 @@ static void __net_exit ip6_tnl_destroy_tunnels(struct net *net, struct list_head
 			t = rtnl_dereference(t->next);
 		}
 	}
+
+	t = rtnl_dereference(ip6n->tnls_wc[0]);
+	while (t) {
+		/* If dev is in the same netns, it has already
+		 * been added to the list by the previous loop.
+		 */
+		if (!net_eq(dev_net(t->dev), net))
+			unregister_netdevice_queue(t->dev, list);
+		t = rtnl_dereference(t->next);
+	}
 }
 
 static int __net_init ip6_tnl_init_net(struct net *net)
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] net: sit: Unregister catch-all devices
  2021-04-12 17:41 [PATCH 1/2] net: sit: Unregister catch-all devices Hristo Venev
  2021-04-12 17:41 ` [PATCH 2/2] net: ip6_tunnel: " Hristo Venev
@ 2021-04-13 21:40 ` patchwork-bot+netdevbpf
  2021-04-21  8:33 ` Nicolas Dichtel
  2 siblings, 0 replies; 4+ messages in thread
From: patchwork-bot+netdevbpf @ 2021-04-13 21:40 UTC (permalink / raw)
  To: Hristo Venev; +Cc: davem, kuba, netdev

Hello:

This series was applied to netdev/net.git (refs/heads/master):

On Mon, 12 Apr 2021 20:41:16 +0300 you wrote:
> A sit interface created without a local or a remote address is linked
> into the `sit_net::tunnels_wc` list of its original namespace. When
> deleting a network namespace, delete the devices that have been moved.
> 
> The following script triggers a null pointer dereference if devices
> linked in a deleted `sit_net` remain:
> 
> [...]

Here is the summary with links:
  - [1/2] net: sit: Unregister catch-all devices
    https://git.kernel.org/netdev/net/c/610f8c0fc8d4
  - [2/2] net: ip6_tunnel: Unregister catch-all devices
    https://git.kernel.org/netdev/net/c/941ea91e87a6

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] net: sit: Unregister catch-all devices
  2021-04-12 17:41 [PATCH 1/2] net: sit: Unregister catch-all devices Hristo Venev
  2021-04-12 17:41 ` [PATCH 2/2] net: ip6_tunnel: " Hristo Venev
  2021-04-13 21:40 ` [PATCH 1/2] net: sit: " patchwork-bot+netdevbpf
@ 2021-04-21  8:33 ` Nicolas Dichtel
  2 siblings, 0 replies; 4+ messages in thread
From: Nicolas Dichtel @ 2021-04-21  8:33 UTC (permalink / raw)
  To: Hristo Venev, David S . Miller, Jakub Kicinski; +Cc: netdev

Le 12/04/2021 à 19:41, Hristo Venev a écrit :
> A sit interface created without a local or a remote address is linked
> into the `sit_net::tunnels_wc` list of its original namespace. When
> deleting a network namespace, delete the devices that have been moved.
> 
> The following script triggers a null pointer dereference if devices
> linked in a deleted `sit_net` remain:
> 
>     for i in `seq 1 30`; do
>         ip netns add ns-test
>         ip netns exec ns-test ip link add dev veth0 type veth peer veth1
>         ip netns exec ns-test ip link add dev sit$i type sit dev veth0
>         ip netns exec ns-test ip link set dev sit$i netns $$
>         ip netns del ns-test
>     done
>     for i in `seq 1 30`; do
>         ip link del dev sit$i
>     done
> 
> Fixes: 5e6700b3bf98f ("sit: add support of x-netns")
> Signed-off-by: Hristo Venev <hristo@venev.name>


Thank you for your patches.
Please, think of putting original author in CC when you send a fix ;-)


Regards,
Nicolas

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-04-21  8:33 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-12 17:41 [PATCH 1/2] net: sit: Unregister catch-all devices Hristo Venev
2021-04-12 17:41 ` [PATCH 2/2] net: ip6_tunnel: " Hristo Venev
2021-04-13 21:40 ` [PATCH 1/2] net: sit: " patchwork-bot+netdevbpf
2021-04-21  8:33 ` Nicolas Dichtel

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).