diff mbox series

[xfrm,1/2] xfrm: release all offloaded policy memory

Message ID c84041b660cf6b0f0886488e740cd43b0f21c341.1681906552.git.leon@kernel.org (mailing list archive)
State Awaiting Upstream
Delegated to: Netdev Maintainers
Headers show
Series Couple of error unwind fixes to packet offload | expand

Checks

Context Check Description
netdev/series_format warning Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 33 this patch: 33
netdev/cc_maintainers success CCed 9 of 9 maintainers
netdev/build_clang success Errors and warnings before: 18 this patch: 18
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 33 this patch: 33
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 7 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Leon Romanovsky April 19, 2023, 12:19 p.m. UTC 
From: Leon Romanovsky <leonro@nvidia.com>

Failure to add offloaded policy will cause to the following
error once user will try to reload driver.

Unregister_netdevice: waiting for eth3 to become free. Usage count = 2

This was caused by xfrm_dev_policy_add() which increments reference
to net_device. That reference was supposed to be decremented
in xfrm_dev_policy_free(). However the latter wasn't called.

 unregister_netdevice: waiting for eth3 to become free. Usage count = 2
 leaked reference.
  xfrm_dev_policy_add+0xff/0x3d0
  xfrm_policy_construct+0x352/0x420
  xfrm_add_policy+0x179/0x320
  xfrm_user_rcv_msg+0x1d2/0x3d0
  netlink_rcv_skb+0xe0/0x210
  xfrm_netlink_rcv+0x45/0x50
  netlink_unicast+0x346/0x490
  netlink_sendmsg+0x3b0/0x6c0
  sock_sendmsg+0x73/0xc0
  sock_write_iter+0x13b/0x1f0
  vfs_write+0x528/0x5d0
  ksys_write+0x120/0x150
  do_syscall_64+0x3d/0x90
  entry_SYSCALL_64_after_hwframe+0x46/0xb0

Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
---
 net/xfrm/xfrm_user.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Simon Horman April 20, 2023, 3:10 p.m. UTC | #1 
On Wed, Apr 19, 2023 at 03:19:07PM +0300, Leon Romanovsky wrote:
> From: Leon Romanovsky <leonro@nvidia.com>
> 
> Failure to add offloaded policy will cause to the following
> error once user will try to reload driver.
> 
> Unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> 
> This was caused by xfrm_dev_policy_add() which increments reference
> to net_device. That reference was supposed to be decremented
> in xfrm_dev_policy_free(). However the latter wasn't called.
> 
>  unregister_netdevice: waiting for eth3 to become free. Usage count = 2
>  leaked reference.
>   xfrm_dev_policy_add+0xff/0x3d0
>   xfrm_policy_construct+0x352/0x420
>   xfrm_add_policy+0x179/0x320
>   xfrm_user_rcv_msg+0x1d2/0x3d0
>   netlink_rcv_skb+0xe0/0x210
>   xfrm_netlink_rcv+0x45/0x50
>   netlink_unicast+0x346/0x490
>   netlink_sendmsg+0x3b0/0x6c0
>   sock_sendmsg+0x73/0xc0
>   sock_write_iter+0x13b/0x1f0
>   vfs_write+0x528/0x5d0
>   ksys_write+0x120/0x150
>   do_syscall_64+0x3d/0x90
>   entry_SYSCALL_64_after_hwframe+0x46/0xb0
> 
> Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
> Signed-off-by: Leon Romanovsky <leonro@nvidia.com>

Reviewed-by: Simon Horman <simon.horman@corigine.com>
Eric Dumazet April 20, 2023, 4:51 p.m. UTC | #2 
On Wed, Apr 19, 2023 at 2:19 PM Leon Romanovsky <leon@kernel.org> wrote:
>
> From: Leon Romanovsky <leonro@nvidia.com>
>
> Failure to add offloaded policy will cause to the following
> error once user will try to reload driver.
>
> Unregister_netdevice: waiting for eth3 to become free. Usage count = 2
>
> This was caused by xfrm_dev_policy_add() which increments reference
> to net_device. That reference was supposed to be decremented
> in xfrm_dev_policy_free(). However the latter wasn't called.
>
>  unregister_netdevice: waiting for eth3 to become free. Usage count = 2
>  leaked reference.
>   xfrm_dev_policy_add+0xff/0x3d0
>   xfrm_policy_construct+0x352/0x420
>   xfrm_add_policy+0x179/0x320
>   xfrm_user_rcv_msg+0x1d2/0x3d0
>   netlink_rcv_skb+0xe0/0x210
>   xfrm_netlink_rcv+0x45/0x50
>   netlink_unicast+0x346/0x490
>   netlink_sendmsg+0x3b0/0x6c0
>   sock_sendmsg+0x73/0xc0
>   sock_write_iter+0x13b/0x1f0
>   vfs_write+0x528/0x5d0
>   ksys_write+0x120/0x150
>   do_syscall_64+0x3d/0x90
>   entry_SYSCALL_64_after_hwframe+0x46/0xb0
>
> Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
> Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
> ---

Reviewed-by: Eric Dumazet <edumazet@google.com>

While reviewing this patch, I also saw xfrm_dev_policy_add() could use
GFP_KERNEL ?

diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c
index bef28c6187ebdd0cfc34c8594aab96ac0b13dd24..508c96c90b3911eb88063ad680c77af2b317c95f
100644
--- a/net/xfrm/xfrm_device.c
+++ b/net/xfrm/xfrm_device.c
@@ -363,7 +363,7 @@ int xfrm_dev_policy_add(struct net *net, struct
xfrm_policy *xp,
        }

        xdo->dev = dev;
-       netdev_tracker_alloc(dev, &xdo->dev_tracker, GFP_ATOMIC);
+       netdev_tracker_alloc(dev, &xdo->dev_tracker, GFP_KERNEL);
        xdo->real_dev = dev;
        xdo->type = XFRM_DEV_OFFLOAD_PACKET;
        switch (dir) {
Leon Romanovsky April 20, 2023, 5:04 p.m. UTC | #3 
On Thu, Apr 20, 2023 at 06:51:52PM +0200, Eric Dumazet wrote:
> On Wed, Apr 19, 2023 at 2:19 PM Leon Romanovsky <leon@kernel.org> wrote:
> >
> > From: Leon Romanovsky <leonro@nvidia.com>
> >
> > Failure to add offloaded policy will cause to the following
> > error once user will try to reload driver.
> >
> > Unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> >
> > This was caused by xfrm_dev_policy_add() which increments reference
> > to net_device. That reference was supposed to be decremented
> > in xfrm_dev_policy_free(). However the latter wasn't called.
> >
> >  unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> >  leaked reference.
> >   xfrm_dev_policy_add+0xff/0x3d0
> >   xfrm_policy_construct+0x352/0x420
> >   xfrm_add_policy+0x179/0x320
> >   xfrm_user_rcv_msg+0x1d2/0x3d0
> >   netlink_rcv_skb+0xe0/0x210
> >   xfrm_netlink_rcv+0x45/0x50
> >   netlink_unicast+0x346/0x490
> >   netlink_sendmsg+0x3b0/0x6c0
> >   sock_sendmsg+0x73/0xc0
> >   sock_write_iter+0x13b/0x1f0
> >   vfs_write+0x528/0x5d0
> >   ksys_write+0x120/0x150
> >   do_syscall_64+0x3d/0x90
> >   entry_SYSCALL_64_after_hwframe+0x46/0xb0
> >
> > Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
> > Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
> > ---
> 
> Reviewed-by: Eric Dumazet <edumazet@google.com>
> 
> While reviewing this patch, I also saw xfrm_dev_policy_add() could use
> GFP_KERNEL ?

netdev_tracker_alloc(...) line was copied from commit e1b539bd73a7
("xfrm: add net device refcount tracker to struct xfrm_state_offload")

Thanks

> 
> diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c
> index bef28c6187ebdd0cfc34c8594aab96ac0b13dd24..508c96c90b3911eb88063ad680c77af2b317c95f
> 100644
> --- a/net/xfrm/xfrm_device.c
> +++ b/net/xfrm/xfrm_device.c
> @@ -363,7 +363,7 @@ int xfrm_dev_policy_add(struct net *net, struct
> xfrm_policy *xp,
>         }
> 
>         xdo->dev = dev;
> -       netdev_tracker_alloc(dev, &xdo->dev_tracker, GFP_ATOMIC);
> +       netdev_tracker_alloc(dev, &xdo->dev_tracker, GFP_KERNEL);
>         xdo->real_dev = dev;
>         xdo->type = XFRM_DEV_OFFLOAD_PACKET;
>         switch (dir) {
Eric Dumazet April 20, 2023, 5:33 p.m. UTC | #4 
On Thu, Apr 20, 2023 at 7:05 PM Leon Romanovsky <leon@kernel.org> wrote:
>
> On Thu, Apr 20, 2023 at 06:51:52PM +0200, Eric Dumazet wrote:
> > On Wed, Apr 19, 2023 at 2:19 PM Leon Romanovsky <leon@kernel.org> wrote:
> > >
> > > From: Leon Romanovsky <leonro@nvidia.com>
> > >
> > > Failure to add offloaded policy will cause to the following
> > > error once user will try to reload driver.
> > >
> > > Unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> > >
> > > This was caused by xfrm_dev_policy_add() which increments reference
> > > to net_device. That reference was supposed to be decremented
> > > in xfrm_dev_policy_free(). However the latter wasn't called.
> > >
> > >  unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> > >  leaked reference.
> > >   xfrm_dev_policy_add+0xff/0x3d0
> > >   xfrm_policy_construct+0x352/0x420
> > >   xfrm_add_policy+0x179/0x320
> > >   xfrm_user_rcv_msg+0x1d2/0x3d0
> > >   netlink_rcv_skb+0xe0/0x210
> > >   xfrm_netlink_rcv+0x45/0x50
> > >   netlink_unicast+0x346/0x490
> > >   netlink_sendmsg+0x3b0/0x6c0
> > >   sock_sendmsg+0x73/0xc0
> > >   sock_write_iter+0x13b/0x1f0
> > >   vfs_write+0x528/0x5d0
> > >   ksys_write+0x120/0x150
> > >   do_syscall_64+0x3d/0x90
> > >   entry_SYSCALL_64_after_hwframe+0x46/0xb0
> > >
> > > Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
> > > Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
> > > ---
> >
> > Reviewed-by: Eric Dumazet <edumazet@google.com>
> >
> > While reviewing this patch, I also saw xfrm_dev_policy_add() could use
> > GFP_KERNEL ?
>
> netdev_tracker_alloc(...) line was copied from commit e1b539bd73a7
> ("xfrm: add net device refcount tracker to struct xfrm_state_offload")
>
> Thanks

Then I guess Steffen can fix both call sites...
Steffen Klassert April 21, 2023, 8:46 a.m. UTC | #5 
On Thu, Apr 20, 2023 at 07:33:14PM +0200, Eric Dumazet wrote:
> On Thu, Apr 20, 2023 at 7:05 PM Leon Romanovsky <leon@kernel.org> wrote:
> >
> > On Thu, Apr 20, 2023 at 06:51:52PM +0200, Eric Dumazet wrote:
> > > On Wed, Apr 19, 2023 at 2:19 PM Leon Romanovsky <leon@kernel.org> wrote:
> > > >
> > > > From: Leon Romanovsky <leonro@nvidia.com>
> > > >
> > > > Failure to add offloaded policy will cause to the following
> > > > error once user will try to reload driver.
> > > >
> > > > Unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> > > >
> > > > This was caused by xfrm_dev_policy_add() which increments reference
> > > > to net_device. That reference was supposed to be decremented
> > > > in xfrm_dev_policy_free(). However the latter wasn't called.
> > > >
> > > >  unregister_netdevice: waiting for eth3 to become free. Usage count = 2
> > > >  leaked reference.
> > > >   xfrm_dev_policy_add+0xff/0x3d0
> > > >   xfrm_policy_construct+0x352/0x420
> > > >   xfrm_add_policy+0x179/0x320
> > > >   xfrm_user_rcv_msg+0x1d2/0x3d0
> > > >   netlink_rcv_skb+0xe0/0x210
> > > >   xfrm_netlink_rcv+0x45/0x50
> > > >   netlink_unicast+0x346/0x490
> > > >   netlink_sendmsg+0x3b0/0x6c0
> > > >   sock_sendmsg+0x73/0xc0
> > > >   sock_write_iter+0x13b/0x1f0
> > > >   vfs_write+0x528/0x5d0
> > > >   ksys_write+0x120/0x150
> > > >   do_syscall_64+0x3d/0x90
> > > >   entry_SYSCALL_64_after_hwframe+0x46/0xb0
> > > >
> > > > Fixes: 919e43fad516 ("xfrm: add an interface to offload policy")
> > > > Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
> > > > ---
> > >
> > > Reviewed-by: Eric Dumazet <edumazet@google.com>
> > >
> > > While reviewing this patch, I also saw xfrm_dev_policy_add() could use
> > > GFP_KERNEL ?
> >
> > netdev_tracker_alloc(...) line was copied from commit e1b539bd73a7
> > ("xfrm: add net device refcount tracker to struct xfrm_state_offload")
> >
> > Thanks
> 
> Then I guess Steffen can fix both call sites...

Sure, will do a patch.

Thanks!
diff mbox series

Patch

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d720e163ae6e..0e398a589536 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1980,6 +1980,7 @@  static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
 
 	if (err) {
 		xfrm_dev_policy_delete(xp);
+		xfrm_dev_policy_free(xp);
 		security_xfrm_policy_free(xp->security);
 		kfree(xp);
 		return err;