lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <d46151818b694dc79b488061817d3d73@huawei.com>
Date: Tue, 19 Nov 2024 08:38:26 +0000
From: mengkanglai <mengkanglai2@...wei.com>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
CC: "davem@...emloft.net" <davem@...emloft.net>, "dsahern@...nel.org"
	<dsahern@...nel.org>, "edumazet@...gle.com" <edumazet@...gle.com>, "Fengtao
 (fengtao, Euler)" <fengtao40@...wei.com>, "kuba@...nel.org"
	<kuba@...nel.org>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "netdev@...r.kernel.org"
	<netdev@...r.kernel.org>, "pabeni@...hat.com" <pabeni@...hat.com>, "Yanan
 (Euler)" <yanan@...wei.com>
Subject: RE:答复: kernel tcp sockets stuck in FIN_WAIT1 after call tcp_close

> -----邮件原件-----
> 发件人: Kuniyuki Iwashima <kuniyu@...zon.com> 
> 发送时间: 2024年11月14日 2:56
> 收件人: mengkanglai <mengkanglai2@...wei.com>
> 抄送: davem@...emloft.net; dsahern@...nel.org; edumazet@...gle.com; Fengtao (fengtao, Euler) <fengtao40@...wei.com>; kuba@...nel.org; linux-kernel@...r.kernel.org; netdev@...r.kernel.org; pabeni@...hat.com; Yanan (Euler) <yanan@...wei.com>; kuniyu@...zon.com
> 主题: Re: kernel tcp sockets stuck in FIN_WAIT1 after call tcp_close
> 
> From: mengkanglai <mengkanglai2@...wei.com>
> Date: Wed, 13 Nov 2024 12:40:34 +0000
> > Hello, Eric:
> > Commit 151c9c724d05 (tcp: properly terminate timers for kernel 
> > sockets) introduce inet_csk_clear_xmit_timers_sync in tcp_close.
> > For kernel sockets it does not hold sk->sk_net_refcnt, if this is 
> > kernel tcp socket it will call tcp_send_fin in __tcp_close to send FIN 
> > packet to remotes server,
> 
> Just curious which subsystem the kernel socket is created by.
> 
> Recently, CIFS and sunrpc are (being) converted to hold net refcnt.
> 
> CIFS: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef7134c7fc48e1441b398e55a862232868a6f0a7
> sunrpc: https://lore.kernel.org/netdev/20241112135434.803890-1-liujian56@huawei.com/
> 
> I remember RDS's listener does not hold refcnt but other client sockets (SMC, RDS, MPTCP, CIFS, sunrpc) do.
> 
> I think all TCP kernel sockets should hold netns refcnt except for one created at pernet_operations.init() hook like RDS.
> 
> > if this fin packet lost due to network faults, tcp should retransmit 
> > this fin packet, but tcp_timer stopped by inet_csk_clear_xmit_timers_sync.
> > tcp sockets state will stuck in FIN_WAIT1 and never go away. I think 
> > it's not right.


I found this problem when testing nfs. sunrpc: https://lore.kernel.org/netdev/20241112135434.803890-1-liujian56@huawei.com/ will solve this problem. 
I agree with that all TCP kernel sockets should hold netns refcnt.
However, for kernel tcp sockets created by other kernel modules through sock_create_kern or sk_alloc(kern=0), it means that they must now hold sk_net_refcnf, otherwise fin will only be sent once and will not be retransmitted when the socket is released.But other use tcp modules may not be aware of hold sk_net_refcnt. should we add a check in tcp_close?

---
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index fb920369c..6b92026a4 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2804,7 +2804,7 @@ void tcp_close(struct sock *sk, long timeout)
        lock_sock(sk);
        __tcp_close(sk, timeout);
        release_sock(sk);
-       if (!sk->sk_net_refcnt)
+       if (sk->net != &init_net && !sk->sk_net_refcnt)
                inet_csk_clear_xmit_timers_sync(sk);
        sock_put(sk);
 }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ