Date:   Thu, 25 Jan 2018 10:39:17 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     ddstreet@...e.org
Cc:     kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        ddstreet@...onical.com
Subject: Re: [PATCH] net: tcp: close sock if net namespace is exiting

From: Dan Streetman <ddstreet@...e.org>
Date: Thu, 18 Jan 2018 16:14:26 -0500

> When a tcp socket is closed, if it detects that its net namespace is
> exiting, close immediately and do not wait for FIN sequence.
> 
> For normal sockets, a reference is taken to their net namespace, so it will
> never exit while the socket is open.  However, kernel sockets do not take a
> reference to their net namespace, so it may begin exiting while the kernel
> socket is still open.  In this case if the kernel socket is a tcp socket,
> it will stay open trying to complete its close sequence.  The sock's dst(s)
> hold a reference to their interface, which are all transferred to the
> namespace's loopback interface when the real interfaces are taken down.
> When the namespace tries to take down its loopback interface, it hangs
> waiting for all references to the loopback interface to release, which
> results in messages like:
> 
> unregister_netdevice: waiting for lo to become free. Usage count = 1
> 
> These messages continue until the socket finally times out and closes.
> Since the net namespace cleanup holds the net_mutex while calling its
> registered pernet callbacks, any new net namespace initialization is
> blocked until the current net namespace finishes exiting.
> 
> After this change, the tcp socket notices the exiting net namespace, and
> closes immediately, releasing its dst(s) and their reference to the
> loopback interface, which lets the net namespace continue exiting.
> 
> Link: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1711407
> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=97811
> Signed-off-by: Dan Streetman <ddstreet@...onical.com>

Looks good, thanks for the detailed commit message and references to
analysis in those bugzillas.

Applied and queued up for -stable.
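
An added example, not part of the original message or the patch: a small detector that groups the `unregister_netdevice: waiting for ... to become free` warning quoted in the commit message into per-device stall episodes, so a host stuck in net namespace teardown can be flagged from its kernel log. The dmesg-style timestamp prefix, the thresholds, and the names `find_stalls` and `Stall` are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Matches the kernel warning quoted in the commit message, behind a dmesg-style
# "[seconds.micros]" timestamp prefix (the prefix format is an assumption).
PATTERN = re.compile(
    r"^\[\s*(?P<ts>\d+\.\d+)\]\s+unregister_netdevice: waiting for "
    r"(?P<dev>\S+) to become free\. Usage count = (?P<refs>\d+)"
)

@dataclass
class Stall:
    dev: str
    start: float
    end: float
    count: int
    max_refs: int

def find_stalls(lines, max_gap=30.0, min_duration=30.0):
    """Group repeated warnings per device into episodes; keep the long ones."""
    open_eps, done = {}, []
    for line in lines:
        m = PATTERN.match(line.strip())
        if not m:
            continue  # unrelated kernel message
        ts, dev, refs = float(m["ts"]), m["dev"], int(m["refs"])
        ep = open_eps.get(dev)
        if ep and ts - ep.end <= max_gap:      # same episode continues
            ep.end, ep.count = ts, ep.count + 1
            ep.max_refs = max(ep.max_refs, refs)
        else:                                   # first sighting or new episode
            if ep:
                done.append(ep)
            open_eps[dev] = Stall(dev, ts, ts, 1, refs)
    done.extend(open_eps.values())
    return sorted((e for e in done if e.end - e.start >= min_duration), key=lambda e: e.start)

# Constructed sample log, not taken from the bug reports linked above.
SAMPLE = """\
[  100.000000] unregister_netdevice: waiting for lo to become free. Usage count = 1
[  110.240000] unregister_netdevice: waiting for lo to become free. Usage count = 1
[  115.000000] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[  120.480000] unregister_netdevice: waiting for lo to become free. Usage count = 1
[  130.720000] unregister_netdevice: waiting for lo to become free. Usage count = 1
[  900.000000] unregister_netdevice: waiting for veth1 to become free. Usage count = 2
""".splitlines()

if __name__ == "__main__":
    for s in find_stalls(SAMPLE):
        print(f"{s.dev}: {s.count} warnings over {s.end - s.start:.0f}s (max refs {s.max_refs})")
```

A sustained `lo` episode is the signature described in the commit message; a single isolated warning for another device is filtered out by `min_duration`.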
