* [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6
@ 2015-07-03 18:01 ` Julien Grall
0 siblings, 0 replies; 24+ messages in thread
From: Julien Grall @ 2015-07-03 18:01 UTC (permalink / raw)
To: stephen, davem, bridge, netdev
Cc: wei.liu2, ian.campbell, fw, linux-kernel, Julien Grall,
Bernhard Thaler, xen-devel, Pablo Neira Ayuso
The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge:
forward IPv6 fragmented packets" introduced a new function
br_validate_ipv6 which take a reference on the inet6 device. Although,
the reference is not released at the end.
This will result to the impossibility to destroy any netdevice using
ipv6 and bridge.
Spotted while trying to destroy a Xen guest on the upstream Linux:
"unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1"
Signed-off-by: Julien Grall <julien.grall@citrix.com>
Cc: Bernhard Thaler <bernhard.thaler@wvnet.at>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: fw@strlen.de
Cc: ian.campbell@citrix.com
Cc: wei.liu2@citrix.com
---
Note that it's impossible to create new guest after this message.
I'm not sure if it's normal.
---
net/bridge/br_netfilter_ipv6.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c
index 6d12d26..7046e19 100644
--- a/net/bridge/br_netfilter_ipv6.c
+++ b/net/bridge/br_netfilter_ipv6.c
@@ -140,11 +140,16 @@ int br_validate_ipv6(struct sk_buff *skb)
/* No IP options in IPv6 header; however it should be
* checked if some next headers need special treatment
*/
+
+ in6_dev_put(idev);
+
return 0;
inhdr_error:
IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS);
drop:
+ in6_dev_put(idev);
+
return -1;
}
--
2.1.4
^ permalink raw reply related [flat|nested] 24+ messages in thread* [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-03 18:01 ` Julien Grall 0 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-03 18:01 UTC (permalink / raw) To: stephen, davem, bridge, netdev Cc: xen-devel, linux-kernel, Julien Grall, Bernhard Thaler, Pablo Neira Ayuso, fw, ian.campbell, wei.liu2 The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: forward IPv6 fragmented packets" introduced a new function br_validate_ipv6 which take a reference on the inet6 device. Although, the reference is not released at the end. This will result to the impossibility to destroy any netdevice using ipv6 and bridge. Spotted while trying to destroy a Xen guest on the upstream Linux: "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" Signed-off-by: Julien Grall <julien.grall@citrix.com> Cc: Bernhard Thaler <bernhard.thaler@wvnet.at> Cc: Pablo Neira Ayuso <pablo@netfilter.org> Cc: fw@strlen.de Cc: ian.campbell@citrix.com Cc: wei.liu2@citrix.com --- Note that it's impossible to create new guest after this message. I'm not sure if it's normal. --- net/bridge/br_netfilter_ipv6.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c index 6d12d26..7046e19 100644 --- a/net/bridge/br_netfilter_ipv6.c +++ b/net/bridge/br_netfilter_ipv6.c @@ -140,11 +140,16 @@ int br_validate_ipv6(struct sk_buff *skb) /* No IP options in IPv6 header; however it should be * checked if some next headers need special treatment */ + + in6_dev_put(idev); + return 0; inhdr_error: IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); drop: + in6_dev_put(idev); + return -1; } -- 2.1.4 ^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 18:01 ` Julien Grall (?) @ 2015-07-03 20:42 ` Florian Westphal -1 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-03 20:42 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, fw, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" Ugh :-/ I think it makes more sense to use __in6_dev_get() instead which doesn't take a reference. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-03 20:42 ` Florian Westphal 0 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-03 20:42 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, fw, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" Ugh :-/ I think it makes more sense to use __in6_dev_get() instead which doesn't take a reference. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-03 20:42 ` Florian Westphal 0 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-03 20:42 UTC (permalink / raw) To: Julien Grall Cc: stephen, davem, bridge, netdev, xen-devel, linux-kernel, Bernhard Thaler, Pablo Neira Ayuso, fw, ian.campbell, wei.liu2 Julien Grall <julien.grall@citrix.com> wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" Ugh :-/ I think it makes more sense to use __in6_dev_get() instead which doesn't take a reference. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 20:42 ` Florian Westphal (?) (?) @ 2015-07-06 10:35 ` Julien Grall -1 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 10:35 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Hi, On 03/07/15 21:42, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: >> forward IPv6 fragmented packets" introduced a new function >> br_validate_ipv6 which take a reference on the inet6 device. Although, >> the reference is not released at the end. >> >> This will result to the impossibility to destroy any netdevice using >> ipv6 and bridge. >> >> Spotted while trying to destroy a Xen guest on the upstream Linux: >> "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Ugh :-/ > > I think it makes more sense to use __in6_dev_get() instead which doesn't > take a reference. __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on this code is very limited. Are we sure that one this lock is hold? At first glance, I wasn't able to find one. Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 20:42 ` Florian Westphal @ 2015-07-06 10:35 ` Julien Grall -1 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 10:35 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Hi, On 03/07/15 21:42, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: >> forward IPv6 fragmented packets" introduced a new function >> br_validate_ipv6 which take a reference on the inet6 device. Although, >> the reference is not released at the end. >> >> This will result to the impossibility to destroy any netdevice using >> ipv6 and bridge. >> >> Spotted while trying to destroy a Xen guest on the upstream Linux: >> "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Ugh :-/ > > I think it makes more sense to use __in6_dev_get() instead which doesn't > take a reference. __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on this code is very limited. Are we sure that one this lock is hold? At first glance, I wasn't able to find one. Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 10:35 ` Julien Grall 0 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 10:35 UTC (permalink / raw) To: Florian Westphal Cc: stephen, davem, bridge, netdev, xen-devel, linux-kernel, Bernhard Thaler, Pablo Neira Ayuso, ian.campbell, wei.liu2 Hi, On 03/07/15 21:42, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: >> forward IPv6 fragmented packets" introduced a new function >> br_validate_ipv6 which take a reference on the inet6 device. Although, >> the reference is not released at the end. >> >> This will result to the impossibility to destroy any netdevice using >> ipv6 and bridge. >> >> Spotted while trying to destroy a Xen guest on the upstream Linux: >> "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Ugh :-/ > > I think it makes more sense to use __in6_dev_get() instead which doesn't > take a reference. __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on this code is very limited. Are we sure that one this lock is hold? At first glance, I wasn't able to find one. Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 10:35 ` Julien Grall (?) @ 2015-07-06 11:16 ` Eric Dumazet -1 siblings, 0 replies; 24+ messages in thread From: Eric Dumazet @ 2015-07-06 11:16 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On Mon, 2015-07-06 at 11:35 +0100, Julien Grall wrote: > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. You could play it safe ;) diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c index 6d12d2675c80..90e8ccc21cc5 100644 --- a/net/bridge/br_netfilter_ipv6.c +++ b/net/bridge/br_netfilter_ipv6.c @@ -104,10 +104,12 @@ int br_validate_ipv6(struct sk_buff *skb) { const struct ipv6hdr *hdr; struct net_device *dev = skb->dev; - struct inet6_dev *idev = in6_dev_get(skb->dev); + struct inet6_dev *idev; u32 pkt_len; u8 ip6h_len = sizeof(struct ipv6hdr); + rcu_read_lock(); + idev = __in6_dev_get(dev); if (!pskb_may_pull(skb, ip6h_len)) goto inhdr_error; @@ -140,11 +142,13 @@ int br_validate_ipv6(struct sk_buff *skb) /* No IP options in IPv6 header; however it should be * checked if some next headers need special treatment */ + rcu_read_unlock(); return 0; inhdr_error: IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); drop: + rcu_read_unlock(); return -1; } ^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 10:35 ` Julien Grall (?) @ 2015-07-06 11:16 ` Eric Dumazet -1 siblings, 0 replies; 24+ messages in thread From: Eric Dumazet @ 2015-07-06 11:16 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On Mon, 2015-07-06 at 11:35 +0100, Julien Grall wrote: > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. You could play it safe ;) diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c index 6d12d2675c80..90e8ccc21cc5 100644 --- a/net/bridge/br_netfilter_ipv6.c +++ b/net/bridge/br_netfilter_ipv6.c @@ -104,10 +104,12 @@ int br_validate_ipv6(struct sk_buff *skb) { const struct ipv6hdr *hdr; struct net_device *dev = skb->dev; - struct inet6_dev *idev = in6_dev_get(skb->dev); + struct inet6_dev *idev; u32 pkt_len; u8 ip6h_len = sizeof(struct ipv6hdr); + rcu_read_lock(); + idev = __in6_dev_get(dev); if (!pskb_may_pull(skb, ip6h_len)) goto inhdr_error; @@ -140,11 +142,13 @@ int br_validate_ipv6(struct sk_buff *skb) /* No IP options in IPv6 header; however it should be * checked if some next headers need special treatment */ + rcu_read_unlock(); return 0; inhdr_error: IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); drop: + rcu_read_unlock(); return -1; } ^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:16 ` Eric Dumazet 0 siblings, 0 replies; 24+ messages in thread From: Eric Dumazet @ 2015-07-06 11:16 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On Mon, 2015-07-06 at 11:35 +0100, Julien Grall wrote: > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. You could play it safe ;) diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c index 6d12d2675c80..90e8ccc21cc5 100644 --- a/net/bridge/br_netfilter_ipv6.c +++ b/net/bridge/br_netfilter_ipv6.c @@ -104,10 +104,12 @@ int br_validate_ipv6(struct sk_buff *skb) { const struct ipv6hdr *hdr; struct net_device *dev = skb->dev; - struct inet6_dev *idev = in6_dev_get(skb->dev); + struct inet6_dev *idev; u32 pkt_len; u8 ip6h_len = sizeof(struct ipv6hdr); + rcu_read_lock(); + idev = __in6_dev_get(dev); if (!pskb_may_pull(skb, ip6h_len)) goto inhdr_error; @@ -140,11 +142,13 @@ int br_validate_ipv6(struct sk_buff *skb) /* No IP options in IPv6 header; however it should be * checked if some next headers need special treatment */ + rcu_read_unlock(); return 0; inhdr_error: IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); drop: + rcu_read_unlock(); return -1; } ^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:16 ` Eric Dumazet 0 siblings, 0 replies; 24+ messages in thread From: Eric Dumazet @ 2015-07-06 11:16 UTC (permalink / raw) To: Julien Grall Cc: Florian Westphal, stephen, davem, bridge, netdev, xen-devel, linux-kernel, Bernhard Thaler, Pablo Neira Ayuso, ian.campbell, wei.liu2 On Mon, 2015-07-06 at 11:35 +0100, Julien Grall wrote: > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. You could play it safe ;) diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c index 6d12d2675c80..90e8ccc21cc5 100644 --- a/net/bridge/br_netfilter_ipv6.c +++ b/net/bridge/br_netfilter_ipv6.c @@ -104,10 +104,12 @@ int br_validate_ipv6(struct sk_buff *skb) { const struct ipv6hdr *hdr; struct net_device *dev = skb->dev; - struct inet6_dev *idev = in6_dev_get(skb->dev); + struct inet6_dev *idev; u32 pkt_len; u8 ip6h_len = sizeof(struct ipv6hdr); + rcu_read_lock(); + idev = __in6_dev_get(dev); if (!pskb_may_pull(skb, ip6h_len)) goto inhdr_error; @@ -140,11 +142,13 @@ int br_validate_ipv6(struct sk_buff *skb) /* No IP options in IPv6 header; however it should be * checked if some next headers need special treatment */ + rcu_read_unlock(); return 0; inhdr_error: IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); drop: + rcu_read_unlock(); return -1; } ^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 10:35 ` Julien Grall (?) @ 2015-07-06 11:19 ` Florian Westphal -1 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-06 11:19 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > On 03/07/15 21:42, Florian Westphal wrote: > > I think it makes more sense to use __in6_dev_get() instead which doesn't > > take a reference. > > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. All netfilter hooks are rcu_read_locked via nf_hook_slow(). BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:19 ` Florian Westphal 0 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-06 11:19 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > On 03/07/15 21:42, Florian Westphal wrote: > > I think it makes more sense to use __in6_dev_get() instead which doesn't > > take a reference. > > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. All netfilter hooks are rcu_read_locked via nf_hook_slow(). BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:19 ` Florian Westphal 0 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-06 11:19 UTC (permalink / raw) To: Julien Grall Cc: Florian Westphal, stephen, davem, bridge, netdev, xen-devel, linux-kernel, Bernhard Thaler, Pablo Neira Ayuso, ian.campbell, wei.liu2 Julien Grall <julien.grall@citrix.com> wrote: > On 03/07/15 21:42, Florian Westphal wrote: > > I think it makes more sense to use __in6_dev_get() instead which doesn't > > take a reference. > > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. All netfilter hooks are rcu_read_locked via nf_hook_slow(). BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 11:19 ` Florian Westphal (?) (?) @ 2015-07-06 11:32 ` Julien Grall -1 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 11:32 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 06/07/15 12:19, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> On 03/07/15 21:42, Florian Westphal wrote: >>> I think it makes more sense to use __in6_dev_get() instead which doesn't >>> take a reference. >> >> __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on >> this code is very limited. Are we sure that one this lock is hold? At >> first glance, I wasn't able to find one. > > All netfilter hooks are rcu_read_locked via nf_hook_slow(). Ok. I will resend the patch with __in6_dev_get. > BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. I used scripts/get_maintainer.pl which doesn't provide this mailing list for net/bridge/br_netfilter*.c Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Bridge] [Xen-devel] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 11:19 ` Florian Westphal (?) @ 2015-07-06 11:32 ` Julien Grall -1 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 11:32 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 06/07/15 12:19, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> On 03/07/15 21:42, Florian Westphal wrote: >>> I think it makes more sense to use __in6_dev_get() instead which doesn't >>> take a reference. >> >> __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on >> this code is very limited. Are we sure that one this lock is hold? At >> first glance, I wasn't able to find one. > > All netfilter hooks are rcu_read_locked via nf_hook_slow(). Ok. I will resend the patch with __in6_dev_get. > BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. I used scripts/get_maintainer.pl which doesn't provide this mailing list for net/bridge/br_netfilter*.c Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Xen-devel] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:32 ` Julien Grall 0 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 11:32 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 06/07/15 12:19, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> On 03/07/15 21:42, Florian Westphal wrote: >>> I think it makes more sense to use __in6_dev_get() instead which doesn't >>> take a reference. >> >> __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on >> this code is very limited. Are we sure that one this lock is hold? At >> first glance, I wasn't able to find one. > > All netfilter hooks are rcu_read_locked via nf_hook_slow(). Ok. I will resend the patch with __in6_dev_get. > BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. I used scripts/get_maintainer.pl which doesn't provide this mailing list for net/bridge/br_netfilter*.c Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Xen-devel] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 11:32 ` Julien Grall 0 siblings, 0 replies; 24+ messages in thread From: Julien Grall @ 2015-07-06 11:32 UTC (permalink / raw) To: Florian Westphal Cc: wei.liu2, ian.campbell, netdev, bridge, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 06/07/15 12:19, Florian Westphal wrote: > Julien Grall <julien.grall@citrix.com> wrote: >> On 03/07/15 21:42, Florian Westphal wrote: >>> I think it makes more sense to use __in6_dev_get() instead which doesn't >>> take a reference. >> >> __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on >> this code is very limited. Are we sure that one this lock is hold? At >> first glance, I wasn't able to find one. > > All netfilter hooks are rcu_read_locked via nf_hook_slow(). Ok. I will resend the patch with __in6_dev_get. > BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. I used scripts/get_maintainer.pl which doesn't provide this mailing list for net/bridge/br_netfilter*.c Regards, -- Julien Grall ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-06 10:35 ` Julien Grall ` (3 preceding siblings ...) (?) @ 2015-07-06 11:19 ` Florian Westphal -1 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-06 11:19 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, Florian Westphal, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > On 03/07/15 21:42, Florian Westphal wrote: > > I think it makes more sense to use __in6_dev_get() instead which doesn't > > take a reference. > > __in6_dev_get requires to hold rcu_read_lock or RTNL. My knowledge on > this code is very limited. Are we sure that one this lock is hold? At > first glance, I wasn't able to find one. All netfilter hooks are rcu_read_locked via nf_hook_slow(). BTW, netfilter patches should be sent to netfilter-devel@vger.kernel.org. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 18:01 ` Julien Grall (?) (?) @ 2015-07-03 20:42 ` Florian Westphal -1 siblings, 0 replies; 24+ messages in thread From: Florian Westphal @ 2015-07-03 20:42 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, fw, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso Julien Grall <julien.grall@citrix.com> wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" Ugh :-/ I think it makes more sense to use __in6_dev_get() instead which doesn't take a reference. ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 18:01 ` Julien Grall ` (2 preceding siblings ...) (?) @ 2015-07-06 9:58 ` Bob Liu -1 siblings, 0 replies; 24+ messages in thread From: Bob Liu @ 2015-07-06 9:58 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, fw, linux-kernel, stephen, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 07/04/2015 02:01 AM, Julien Grall wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Signed-off-by: Julien Grall <julien.grall@citrix.com> Also hit the same issue, thank you for the fix. Tested-by: Bob Liu <bob.liu@oracle.com> > Cc: Bernhard Thaler <bernhard.thaler@wvnet.at> > Cc: Pablo Neira Ayuso <pablo@netfilter.org> > Cc: fw@strlen.de > Cc: ian.campbell@citrix.com > Cc: wei.liu2@citrix.com > > --- > Note that it's impossible to create new guest after this message. > I'm not sure if it's normal. > --- > net/bridge/br_netfilter_ipv6.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c > index 6d12d26..7046e19 100644 > --- a/net/bridge/br_netfilter_ipv6.c > +++ b/net/bridge/br_netfilter_ipv6.c > @@ -140,11 +140,16 @@ int br_validate_ipv6(struct sk_buff *skb) > /* No IP options in IPv6 header; however it should be > * checked if some next headers need special treatment > */ > + > + in6_dev_put(idev); > + > return 0; > > inhdr_error: > IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); > drop: > + in6_dev_put(idev); > + > return -1; > } > > ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Bridge] [Xen-devel] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 2015-07-03 18:01 ` Julien Grall @ 2015-07-06 9:58 ` Bob Liu -1 siblings, 0 replies; 24+ messages in thread From: Bob Liu @ 2015-07-06 9:58 UTC (permalink / raw) To: Julien Grall Cc: wei.liu2, ian.campbell, netdev, bridge, fw, linux-kernel, Bernhard Thaler, xen-devel, davem, Pablo Neira Ayuso On 07/04/2015 02:01 AM, Julien Grall wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Signed-off-by: Julien Grall <julien.grall@citrix.com> Also hit the same issue, thank you for the fix. Tested-by: Bob Liu <bob.liu@oracle.com> > Cc: Bernhard Thaler <bernhard.thaler@wvnet.at> > Cc: Pablo Neira Ayuso <pablo@netfilter.org> > Cc: fw@strlen.de > Cc: ian.campbell@citrix.com > Cc: wei.liu2@citrix.com > > --- > Note that it's impossible to create new guest after this message. > I'm not sure if it's normal. > --- > net/bridge/br_netfilter_ipv6.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c > index 6d12d26..7046e19 100644 > --- a/net/bridge/br_netfilter_ipv6.c > +++ b/net/bridge/br_netfilter_ipv6.c > @@ -140,11 +140,16 @@ int br_validate_ipv6(struct sk_buff *skb) > /* No IP options in IPv6 header; however it should be > * checked if some next headers need special treatment > */ > + > + in6_dev_put(idev); > + > return 0; > > inhdr_error: > IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); > drop: > + in6_dev_put(idev); > + > return -1; > } > > ^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Xen-devel] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 @ 2015-07-06 9:58 ` Bob Liu 0 siblings, 0 replies; 24+ messages in thread From: Bob Liu @ 2015-07-06 9:58 UTC (permalink / raw) To: Julien Grall Cc: stephen, davem, bridge, netdev, wei.liu2, ian.campbell, fw, linux-kernel, Bernhard Thaler, xen-devel, Pablo Neira Ayuso On 07/04/2015 02:01 AM, Julien Grall wrote: > The commit efb6de9b4ba0092b2c55f6a52d16294a8a698edd "netfilter: bridge: > forward IPv6 fragmented packets" introduced a new function > br_validate_ipv6 which take a reference on the inet6 device. Although, > the reference is not released at the end. > > This will result to the impossibility to destroy any netdevice using > ipv6 and bridge. > > Spotted while trying to destroy a Xen guest on the upstream Linux: > "unregister_netdevice: waiting for vif1.0 to become free. Usage count = 1" > > Signed-off-by: Julien Grall <julien.grall@citrix.com> Also hit the same issue, thank you for the fix. Tested-by: Bob Liu <bob.liu@oracle.com> > Cc: Bernhard Thaler <bernhard.thaler@wvnet.at> > Cc: Pablo Neira Ayuso <pablo@netfilter.org> > Cc: fw@strlen.de > Cc: ian.campbell@citrix.com > Cc: wei.liu2@citrix.com > > --- > Note that it's impossible to create new guest after this message. > I'm not sure if it's normal. > --- > net/bridge/br_netfilter_ipv6.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/bridge/br_netfilter_ipv6.c b/net/bridge/br_netfilter_ipv6.c > index 6d12d26..7046e19 100644 > --- a/net/bridge/br_netfilter_ipv6.c > +++ b/net/bridge/br_netfilter_ipv6.c > @@ -140,11 +140,16 @@ int br_validate_ipv6(struct sk_buff *skb) > /* No IP options in IPv6 header; however it should be > * checked if some next headers need special treatment > */ > + > + in6_dev_put(idev); > + > return 0; > > inhdr_error: > IP6_INC_STATS_BH(dev_net(dev), idev, IPSTATS_MIB_INHDRERRORS); > drop: > + in6_dev_put(idev); > + > return -1; > } > > ^ permalink raw reply [flat|nested] 24+ messages in thread
end of thread, other threads:[~2015-07-06 11:33 UTC | newest] Thread overview: 24+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2015-07-03 18:01 [Bridge] [PATCH] net/bridge: Add missing in6_dev_put in br_validate_ipv6 Julien Grall 2015-07-03 18:01 ` Julien Grall 2015-07-03 20:42 ` [Bridge] " Florian Westphal 2015-07-03 20:42 ` Florian Westphal 2015-07-03 20:42 ` Florian Westphal 2015-07-06 10:35 ` Julien Grall 2015-07-06 10:35 ` [Bridge] " Julien Grall 2015-07-06 10:35 ` Julien Grall 2015-07-06 11:16 ` Eric Dumazet 2015-07-06 11:16 ` [Bridge] " Eric Dumazet 2015-07-06 11:16 ` Eric Dumazet 2015-07-06 11:16 ` Eric Dumazet 2015-07-06 11:19 ` [Bridge] " Florian Westphal 2015-07-06 11:19 ` Florian Westphal 2015-07-06 11:19 ` Florian Westphal 2015-07-06 11:32 ` Julien Grall 2015-07-06 11:32 ` [Bridge] [Xen-devel] " Julien Grall 2015-07-06 11:32 ` Julien Grall 2015-07-06 11:32 ` Julien Grall 2015-07-06 11:19 ` Florian Westphal 2015-07-03 20:42 ` Florian Westphal 2015-07-06 9:58 ` Bob Liu 2015-07-06 9:58 ` [Bridge] [Xen-devel] " Bob Liu 2015-07-06 9:58 ` Bob Liu
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.