| Message ID | 20211207005142.1688204-1-eric.dumazet@gmail.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | net: netns refcount tracking series | expand |
On Mon, 6 Dec 2021 16:51:25 -0800 Eric Dumazet wrote: > We have 100+ syzbot reports about netns being dismantled too soon, > still unresolved as of today. > > We think a missing get_net() or an extra put_net() is the root cause. > > In order to find the bug(s), and be able to spot future ones, > this patch adds CONFIG_NET_NS_REFCNT_TRACKER and new helpers > to precisely pair all put_net() with corresponding get_net(). > > To use these helpers, each data structure owning a refcount > should also use a "netns_tracker" to pair the get() and put(). > > Small sections of codes where the get()/put() are in sight > do not need to have a tracker, because they are short lived, > but in theory it is also possible to declare an on-stack tracker. Ugh, I realized after a week of waiting that vfs / sunrpc / audit folks are not even CCed here. I think we should give them the courtesy of being able to ack the patches.. Can you split out 1-4,6,7 for immediate merging and repost the rest with the right CCs?
From: Eric Dumazet <edumazet@google.com> We have 100+ syzbot reports about netns being dismantled too soon, still unresolved as of today. We think a missing get_net() or an extra put_net() is the root cause. In order to find the bug(s), and be able to spot future ones, this patch adds CONFIG_NET_NS_REFCNT_TRACKER and new helpers to precisely pair all put_net() with corresponding get_net(). To use these helpers, each data structure owning a refcount should also use a "netns_tracker" to pair the get() and put(). Small sections of codes where the get()/put() are in sight do not need to have a tracker, because they are short lived, but in theory it is also possible to declare an on-stack tracker. Eric Dumazet (17): net: add networking namespace refcount tracker net: add netns refcount tracker to struct sock net: add netns refcount tracker to struct seq_net_private net: sched: add netns refcount tracker to struct tcf_exts netfilter: nfnetlink: add netns refcount tracker to struct nfulnl_instance l2tp: add netns refcount tracker to l2tp_dfs_seq_data ppp: add netns refcount tracker netfilter: nf_nat_masquerade: add netns refcount tracker to masq_dev_work SUNRPC: add netns refcount tracker to struct svc_xprt SUNRPC: add netns refcount tracker to struct gss_auth SUNRPC: add netns refcount tracker to struct rpc_xprt net: initialize init_net earlier net: add netns refcount tracker to struct nsproxy vfs: add netns refcount tracker to struct fs_context audit: add netns refcount tracker to struct audit_net audit: add netns refcount tracker to struct audit_reply audit: add netns refcount tracker to struct audit_netlink_list drivers/net/ppp/ppp_generic.c | 5 ++-- fs/afs/mntpt.c | 5 ++-- fs/fs_context.c | 7 +++--- fs/nfs/fs_context.c | 5 ++-- fs/nfs/namespace.c | 5 ++-- fs/proc/proc_net.c | 19 ++++++++++++--- include/linux/fs_context.h | 2 ++ include/linux/netdevice.h | 9 +------ include/linux/nsproxy.h | 2 ++ include/linux/seq_file_net.h | 3 ++- include/linux/sunrpc/svc_xprt.h | 1 + include/linux/sunrpc/xprt.h | 1 + include/net/net_namespace.h | 40 +++++++++++++++++++++++++++++++ include/net/net_trackers.h | 18 ++++++++++++++ include/net/pkt_cls.h | 8 +++++-- include/net/sock.h | 2 ++ init/main.c | 2 ++ kernel/audit.c | 14 +++++++---- kernel/audit.h | 2 ++ kernel/auditfilter.c | 3 ++- kernel/nsproxy.c | 5 ++-- net/Kconfig.debug | 9 +++++++ net/core/dev.c | 3 +-- net/core/net_namespace.c | 24 ++++++++----------- net/core/sock.c | 6 ++--- net/l2tp/l2tp_debugfs.c | 9 +++---- net/netfilter/nf_nat_masquerade.c | 4 +++- net/netfilter/nfnetlink_log.c | 5 ++-- net/sunrpc/auth_gss/auth_gss.c | 10 ++++---- net/sunrpc/svc_xprt.c | 4 ++-- net/sunrpc/xprt.c | 4 ++-- 31 files changed, 169 insertions(+), 67 deletions(-) create mode 100644 include/net/net_trackers.h