| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1512739489.25033.26.camel@gmail.com>
Date: Fri, 08 Dec 2017 05:24:49 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Tonghao Zhang <xiangxia.m.yue@...il.com>
Cc: David Miller <davem@...emloft.net>,
Cong Wang <xiyou.wangcong@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
Willem de Bruijn <willemb@...gle.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: [PATCH v5 2/2] sock: Move the socket inuse to namespace.
On Fri, 2017-12-08 at 19:29 +0800, Tonghao Zhang wrote:
> hi all. we can add synchronize_rcu and rcu_barrier in
> sock_inuse_exit_net to
> ensure there are no outstanding rcu callbacks using this network
> namespace.
> we will not have to test if net->core.sock_inuse is NULL or not from
> sock_inuse_add(). :)
>
> static void __net_exit sock_inuse_exit_net(struct net *net)
> {
> free_percpu(net->core.prot_inuse);
> +
> + synchronize_rcu();
> + rcu_barrier();
> +
> + free_percpu(net->core.sock_inuse);
> }
Oh well. Do you have any idea of the major problem this would add ?
Try the following, before and after your patches :
for i in `seq 1 40`
do
(for j in `seq 1 100` ; do unshare -n /bin/true >/dev/null ; done) &
done
wait
( Check commit 8ca712c373a462cfa1b62272870b6c2c74aa83f9 )
This is a complex problem, we wont accept patches that kill network
namespaces dismantling performance by adding brute force
synchronize_rcu() or rcu_barrier() calls.
Why not freeing net->core.sock_inuse right before feeing net itself in
net_free() ?
You do not have to hijack sock_inuse_exit_net() just because it has a
misleading name.
Powered by blists - more mailing lists