[PATCH net-next] flowcache: Fix resource leaks on namespace exit.

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Steffen Klassert <steffen.klassert@secunet.com>
To: "Jakub Kiciński" <moorray3@wp.pl>, "David Miller" <davem@davemloft.net>
Cc: Eric Dumazet <eric.dumazet@gmail.com>, <netdev@vger.kernel.org>,
	Fan Du <fan.du@windriver.com>
Subject: [PATCH net-next] flowcache: Fix resource leaks on namespace exit.
Date: Wed, 12 Mar 2014 09:43:17 +0100	[thread overview]
Message-ID: <20140312084317.GF32371@secunet.com> (raw)
In-Reply-To: <20140312083827.GE32371@secunet.com>

We leak an active timer, the hotcpu notifier and all allocated
resources when we exit a namespace. Fix this by introducing a
flow_cache_fini() function where we release the resources before
we exit.

Fixes: ca925cf1534e ("flowcache: Make flow cache name space aware")
Reported-by: Jakub Kicinski <moorray3@wp.pl>
Tested-by: Jakub Kicinski <moorray3@wp.pl>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Fan Du <fan.du@windriver.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 include/net/flow.h     |    1 +
 net/core/flow.c        |   19 +++++++++++++++++++
 net/xfrm/xfrm_policy.c |    7 ++++++-
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/include/net/flow.h b/include/net/flow.h
index bee3741..64fd248 100644
--- a/include/net/flow.h
+++ b/include/net/flow.h
@@ -219,6 +219,7 @@ struct flow_cache_object *flow_cache_lookup(struct net *net,
 					    u8 dir, flow_resolve_t resolver,
 					    void *ctx);
 int flow_cache_init(struct net *net);
+void flow_cache_fini(struct net *net);
 
 void flow_cache_flush(struct net *net);
 void flow_cache_flush_deferred(struct net *net);
diff --git a/net/core/flow.c b/net/core/flow.c
index 102f8ea..31cfb36 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -484,3 +484,22 @@ err:
 	return -ENOMEM;
 }
 EXPORT_SYMBOL(flow_cache_init);
+
+void flow_cache_fini(struct net *net)
+{
+	int i;
+	struct flow_cache *fc = &net->xfrm.flow_cache_global;
+
+	del_timer_sync(&fc->rnd_timer);
+	unregister_hotcpu_notifier(&fc->hotcpu_notifier);
+
+	for_each_possible_cpu(i) {
+		struct flow_cache_percpu *fcp = per_cpu_ptr(fc->percpu, i);
+		kfree(fcp->hash_table);
+		fcp->hash_table = NULL;
+	}
+
+	free_percpu(fc->percpu);
+	fc->percpu = NULL;
+}
+EXPORT_SYMBOL(flow_cache_fini);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index a75fae4..f02f511 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2913,15 +2913,19 @@ static int __net_init xfrm_net_init(struct net *net)
 	rv = xfrm_sysctl_init(net);
 	if (rv < 0)
 		goto out_sysctl;
+	rv = flow_cache_init(net);
+	if (rv < 0)
+		goto out;
 
 	/* Initialize the per-net locks here */
 	spin_lock_init(&net->xfrm.xfrm_state_lock);
 	rwlock_init(&net->xfrm.xfrm_policy_lock);
 	mutex_init(&net->xfrm.xfrm_cfg_mutex);
 
-	flow_cache_init(net);
 	return 0;
 
+out:
+	xfrm_sysctl_fini(net);
 out_sysctl:
 	xfrm_policy_fini(net);
 out_policy:
@@ -2934,6 +2938,7 @@ out_statistics:
 
 static void __net_exit xfrm_net_exit(struct net *net)
 {
+	flow_cache_fini(net);
 	xfrm_sysctl_fini(net);
 	xfrm_policy_fini(net);
 	xfrm_state_fini(net);
-- 
1.7.9.5

next prev parent reply	other threads:[~2014-03-12  8:43 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-03-10  0:44 net-next: NULL pointer dereference on adding a net namespace and a system freeze Jakub Kicinski
2014-03-10  4:02 ` Eric Dumazet
2014-03-10  4:09   ` Eric Dumazet
2014-03-10  6:51     ` Fan Du
2014-03-10 13:44       ` Eric Dumazet
2014-03-10 14:09         ` [PATCH net-next] flowcache: restore a single flow_cache kmem_cache Eric Dumazet
2014-03-11  1:45           ` David Miller
2014-03-10 12:19     ` net-next: NULL pointer dereference on adding a net namespace and a system freeze Jakub Kiciński
2014-03-10 14:04       ` Eric Dumazet
2014-03-11  0:46         ` Jakub Kiciński
2014-03-11  5:30           ` Steffen Klassert
2014-03-11 12:00           ` Steffen Klassert
2014-03-11 12:40             ` Eric Dumazet
2014-03-11 13:20               ` Steffen Klassert
2014-03-11 14:30                 ` Jakub Kiciński
2014-03-12  8:38                   ` Steffen Klassert
2014-03-12  8:43                     ` Steffen Klassert [this message]
2014-03-12 11:43                       ` [PATCH net-next] flowcache: Fix resource leaks on namespace exit Eric Dumazet
2014-03-12 19:31                       ` David Miller
2014-03-11 12:42             ` net-next: NULL pointer dereference on adding a net namespace and a system freeze Jakub Kiciński
2014-03-12 10:02             ` Fan Du

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:bee3741 dfblob:64fd248 dfblob:102f8ea dfblob:31cfb36
dfblob:a75fae4 dfblob:f02f511 )
 OR (
bs:"[PATCH net-next] flowcache: Fix resource leaks on namespace exit." )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140312084317.GF32371@secunet.com \
    --to=steffen.klassert@secunet.com \
    --cc=davem@davemloft.net \
    --cc=eric.dumazet@gmail.com \
    --cc=fan.du@windriver.com \
    --cc=moorray3@wp.pl \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).