From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc [91.216.245.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3503D3BF664 for ; Thu, 2 Apr 2026 11:57:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.216.245.30 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775131065; cv=none; b=jK1dPc0sGXUTdVuyvHOM0a0i1x6kC5RzdPNGSLUYWJUNvQEOopX05KJnYA9mj1M8Ac0wrNgxncMsDmrVuzwSJoKyQ0iSVJy2KHx/S7t6vzbZgnyONf0r07dhlMwEodwkrWYjee67uzzeYOAJ0LNosjwXPepT3rERZ2A4Qnp7cDg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775131065; c=relaxed/simple; bh=m2SofRiP0mtv+EMaqbH6qVEm9bOwOwO+uFQ3zkM/ATo=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=PiQ6GYYCaptb79N8QSFxetS7nk2Q12iJ8by5Kh0irjG/dNJVOq+yTI7fDde8GZn6XHv8hbeq8bD77Y7/zdS6jmgRfRI4mPE3U0GdOxpnv213aaLHanOYIC5m+NxoVivmoEyPByaCEdYM06FA4zX44fwu7RAW+ycNTDkamP66/7c= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=strlen.de; spf=pass smtp.mailfrom=strlen.de; arc=none smtp.client-ip=91.216.245.30 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=strlen.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=strlen.de Received: by Chamillionaire.breakpoint.cc (Postfix, from userid 1003) id 24123608B3; Thu, 02 Apr 2026 13:57:36 +0200 (CEST) Date: Thu, 2 Apr 2026 13:57:37 +0200 From: Florian Westphal To: Steffen Klassert Cc: netdev@vger.kernel.org Subject: Re: [PATCH ipsec 2/2] xfrm: Wait for RCU readers during state netns exit Message-ID: References: Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Steffen Klassert wrote: > xfrm_state_fini() flushes the resize and GC work, destroys all states, and > then frees the state hash tables and the inbound percpu state cache. > Those objects can still be observed by concurrent RCU readers. We need > to wait for a RCU grace period before freeing the hash tables and the > percpu cache to avoid netns teardown racing with lockless lookups. > > Fix this by adding synchronize_rcu() before freeing the state hash > tables and the inbound percpu state cache. > > Fixes: c8406998b801 ("xfrm: state: use rcu_deref and assign_pointer helpers") > Signed-off-by: Steffen Klassert > --- > net/xfrm/xfrm_state.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c > index 1748d374abca..84fbf1591138 100644 > --- a/net/xfrm/xfrm_state.c > +++ b/net/xfrm/xfrm_state.c > @@ -3327,6 +3327,8 @@ void xfrm_state_fini(struct net *net) > xfrm_state_flush(net, 0, false); > flush_work(&xfrm_state_gc_work); > > + synchronize_rcu(); > + xfrm_state_flush() is expected to relink all states to the gc list for the gc worker to handle. The xfrm state worker calls synchronize_rcu() and then frees states on the state gc list. What scenario does this additional synchronize_rcu() protect against? AFAICS this one is not needed, but maybe i am missing something?