From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: Eric Dumazet <eric.dumazet@gmail.com>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org,
roopa@cumulusnetworks.com, tgraf@suug.ch
Subject: Re: [PATCH net-next v2] route: allow to route in a peer netns via lwt framework
Date: Mon, 27 Jul 2015 21:56:18 +0200 [thread overview]
Message-ID: <55B68CE2.10008@6wind.com> (raw)
In-Reply-To: <1437752397.20182.8.camel@edumazet-glaptop2.roam.corp.google.com>
Le 24/07/2015 17:39, Eric Dumazet a écrit :
>
> On Fri, 2015-07-24 at 16:16 +0200, Nicolas Dichtel wrote:
>> This patch takes advantage of the newly added lwtunnel framework to
>> allow the user to set routes that point to a peer netns.
>>
>> Packets are injected to the peer netns via the loopback device. It works
>> only when the output device is 'lo'.
>>
>> Example:
>> ip route add 40.1.1.1/32 encap netns nsid 5 via dev lo
>>
>
> Is this feature so badly wanted to add complexity on lo device ?
>
The goal is to be scalable when the number of netns is high (10k or more).
Which this patch, we can save two interfaces (veth) per netns, which helps to to
reduce memory consumption and the time needed to create a netns.
[snip]
>> + if (nsid != NETNSA_NSID_NOT_ASSIGNED) {
>> + peernet = get_net_ns_by_id(dev_net(dev), nsid);
>> + if (!peernet) {
>> + kfree_skb(skb);
>> + goto end;
>> + }
>> +
>> + /* it's OK to use per_cpu_ptr() because BHs are off */
>> + lb_stats = this_cpu_ptr(peernet->loopback_dev->lstats);
>> + ret = dev_forward_skb(peernet->loopback_dev, skb);
>> + } else {
>> + skb_orphan(skb);
>>
>> - /* it's OK to use per_cpu_ptr() because BHs are off */
>> - lb_stats = this_cpu_ptr(dev->lstats);
>> + skb->protocol = eth_type_trans(skb, dev);
>> +
>> + /* it's OK to use per_cpu_ptr() because BHs are off */
>> + lb_stats = this_cpu_ptr(dev->lstats);
>> + ret = netif_rx(skb);
>> + }
>>
>> len = skb->len;
>
> <use after free error> At this point you no longer can access skb
Right, will fix it.
next prev parent reply other threads:[~2015-07-27 19:56 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-23 14:22 [PATCH net-next] route: allow to route in a peer netns via lwt framework Nicolas Dichtel
2015-07-23 15:01 ` roopa
2015-07-23 15:25 ` Nicolas Dichtel
2015-07-23 15:50 ` roopa
2015-07-24 12:24 ` Nicolas Dichtel
2015-07-24 13:50 ` roopa
2015-07-24 14:11 ` Nicolas Dichtel
2015-07-24 14:16 ` [PATCH net-next v2] " Nicolas Dichtel
2015-07-24 15:39 ` Eric Dumazet
2015-07-24 16:27 ` Alexei Starovoitov
2015-07-27 19:56 ` Nicolas Dichtel [this message]
2015-07-29 13:16 ` [PATCH net-next v3] " Nicolas Dichtel
2015-07-29 15:20 ` Eric Dumazet
2015-07-29 21:17 ` Nicolas Dichtel
2015-07-24 14:28 ` [PATCH net-next] " David Ahern
2015-07-24 14:32 ` Nicolas Dichtel
2015-07-24 15:19 ` David Ahern
2015-07-27 20:07 ` Nicolas Dichtel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55B68CE2.10008@6wind.com \
--to=nicolas.dichtel@6wind.com \
--cc=alexei.starovoitov@gmail.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=roopa@cumulusnetworks.com \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).