| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9dfa013e-9098-e155-9c47-a73753338288@virtuozzo.com>
Date: Mon, 6 Nov 2017 16:22:03 +0300
From: Vasily Averin <vvs@...tuozzo.com>
To: netdev@...r.kernel.org
Subject: [PATCH v3 00/21] exit_net checks for objects initialized in net_init
hook
This patch set checks that lists initialized in net_init hooks were
return to initial state at end of net_exit hooks.
I hope such checks allows to detect leaked per-netns objects.
Also I hope that all new pernet_operations will inherit such checks too.
I assume that elements added into per-net lists should not live longer than net namespace,
and should be deleted from the list. I think exit_net hook is good place for such check.
Recently I've found lost list_entry and enabled timer on stop of net namespace.
Then I've reviewed all existing pernet_operations and found that many drivers
have such checks already. So I decided to complete this task and add such checks
into all affected subsystems.
v3:
- use net->ns.inum as net Id
- removed patches for hashlimit and recent,
they handle tables list in exit_net hook.
- added patches for grace and lockd
v2:
- net pointer removed from output
- fixed compilation for phonet driver
Vasily Averin (21):
grace: replace BUG_ON by WARN_ONCE in exit_net hook
lockd: added cleanup checks in exit_net hook
exit_net cleanup: geneve sock_list check
ppp: exit_net cleanup checks added
vxlan: exit_net cleanup checks added
netdev: exit_net cleanup check added
nfs4blocklayout: exit_net cleanup check added
nfs client: exit_net cleanup check added
fib_notifier: exit_net cleanup check added
fib_rules: exit_net cleanup check added
clusterip: exit_net cleanup check added
xfrm6_tunnel: exit_net cleanup check added
af_key: replace BUG_ON on WARN_ONCE in net_exit hook
l2tp: exit_net cleanup check added
nf_tables: exit_net cleanup check added
nfnetlink_log: exit_net cleanup check added
nfnetlink_gueue: exit_net cleanup check added
x_tables: exit_net cleanup check added
packet: exit_net cleanup check added
phonet: exit_net cleanup check added
sunrpc: exit_net cleanup check added
drivers/net/geneve.c | 3 +++
drivers/net/ppp/ppp_generic.c | 6 ++++++
drivers/net/vxlan.c | 7 +++++++
fs/lockd/svc.c | 11 +++++++++++
fs/nfs/blocklayout/rpc_pipefs.c | 3 +++
fs/nfs/client.c | 4 ++++
fs/nfs_common/grace.c | 4 +++-
net/core/dev.c | 4 ++++
net/core/fib_notifier.c | 8 ++++++++
net/core/fib_rules.c | 8 ++++++++
net/ipv4/netfilter/ipt_CLUSTERIP.c | 3 +++
net/ipv6/xfrm6_tunnel.c | 14 ++++++++++++++
net/key/af_key.c | 4 +++-
net/l2tp/l2tp_core.c | 7 +++++++
net/netfilter/nf_tables_api.c | 11 +++++++++++
net/netfilter/nfnetlink_log.c | 7 +++++++
net/netfilter/nfnetlink_queue.c | 8 ++++++++
net/netfilter/x_tables.c | 12 ++++++++++++
net/packet/af_packet.c | 2 ++
net/phonet/pn_dev.c | 5 +++++
net/sunrpc/sunrpc_syms.c | 5 +++++
21 files changed, 134 insertions(+), 2 deletions(-)
--
2.7.4
Powered by blists - more mailing lists