| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250317-rpc-shutdown-v1-0-85ba8e20b75d@kernel.org>
Date: Mon, 17 Mar 2025 16:59:52 -0400
From: Jeff Layton <jlayton@...nel.org>
To: Trond Myklebust <trondmy@...nel.org>, Anna Schumaker <anna@...nel.org>,
Chuck Lever <chuck.lever@...cle.com>, Neil Brown <neilb@...e.de>,
Olga Kornievskaia <okorniev@...hat.com>, Dai Ngo <Dai.Ngo@...cle.com>,
Tom Talpey <tom@...pey.com>, "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>
Cc: Josef Bacik <josef@...icpanda.com>,
Benjamin Coddington <bcodding@...hat.com>, linux-nfs@...r.kernel.org,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
Jeff Layton <jlayton@...nel.org>
Subject: [PATCH RFC 0/9] nfs/sunrpc: stop holding netns references in
client-side NFS and RPC objects
We have a long-standing problem with containers that have NFS mounts in
them. Best practice is to unmount gracefully, of course, but sometimes
containers just spontaneously die (e.g. SIGSEGV in the init task in the
container). When that happens the orchestrator will see that all of the
tasks are dead, and will detach the mount namespace and kill off the
network connection.
If there are RPCs in flight at the time, the rpc_clnt will try to
retransmit them indefinitely, but there is no hope of them ever
contacting the server since nothing in userland can reach the netns
at that point to fix anything.
This patchset takes the approach of changing various nfs client and
sunrpc objects to not hold a netns reference. Instead, when a nfs_net or
sunrpc_net is exiting, all nfs_server, nfs_client and rpc_clnt objects
associated with it are shut down, and the pre_exit functions block
until they are gone.
With this approach, when the last userland task in the container exits,
the NFS and RPC clients get cleaned up automatically. As a bonus, this
fixes another bug with the gssproxy RPC client that causes net namespace
leaks in any container where it runs (details in the patch
descriptions).
Signed-off-by: Jeff Layton <jlayton@...nel.org>
---
Jeff Layton (9):
sunrpc: transplant shutdown_client() to sunrpc module
lockd: add a helper to shut down rpc_clnt in nlm_host
lockd: don't #include debug.h from lockd.h
nfs: transplant nfs_server shutdown into a helper function
nfs: don't hold a reference to struct net in struct nfs_client
auth_gss: shut down gssproxy rpc_clnt in net pre_exit
auth_gss: don't hold a net reference in gss_auth
sunrpc: don't hold a struct net reference in rpc_xprt
sunrpc: don't upgrade passive net reference in xs_create_sock
fs/lockd/clnt4xdr.c | 1 +
fs/lockd/clntlock.c | 1 +
fs/lockd/clntproc.c | 1 +
fs/lockd/clntxdr.c | 1 +
fs/lockd/host.c | 8 ++++++++
fs/lockd/mon.c | 1 +
fs/lockd/svc.c | 1 +
fs/lockd/svc4proc.c | 1 +
fs/lockd/svclock.c | 1 +
fs/lockd/svcproc.c | 1 +
fs/lockd/svcsubs.c | 1 +
fs/nfs/client.c | 6 ++++--
fs/nfs/inode.c | 28 ++++++++++++++++++++++++++++
fs/nfs/internal.h | 1 +
fs/nfs/super.c | 18 ++++++++++++++++++
fs/nfs/sysfs.c | 27 ++-------------------------
include/linux/lockd/lockd.h | 2 +-
include/linux/sunrpc/sched.h | 1 +
include/linux/sunrpc/svcauth_gss.h | 1 +
include/linux/sunrpc/xprt.h | 1 -
net/sunrpc/auth_gss/auth_gss.c | 15 ++++++++-------
net/sunrpc/auth_gss/svcauth_gss.c | 7 ++++++-
net/sunrpc/clnt.c | 14 ++++++++++++++
net/sunrpc/sunrpc_syms.c | 29 +++++++++++++++++++++++++++++
net/sunrpc/xprt.c | 3 +--
net/sunrpc/xprtsock.c | 3 ---
26 files changed, 132 insertions(+), 42 deletions(-)
---
base-commit: 80e54e84911a923c40d7bee33a34c1b4be148d7a
change-id: 20250317-rpc-shutdown-1519aacd1db3
Best regards,
--
Jeff Layton <jlayton@...nel.org>
Powered by blists - more mailing lists