diff mbox series

[11/11] iscsi: force destroy sesions when a network namespace exits

Message ID 20230410191033.1069293-3-cleech@redhat.com (mailing list archive)
State Not Applicable
Headers show
Series None | expand

Commit Message

Chris Leech April 10, 2023, 7:10 p.m. UTC
The namespace is gone, so there is no userspace to clean up.
Force close all the sessions.

This should be enough for software transports, there's no implementation
of migrating physical iSCSI hosts between network namespaces currently.

Signed-off-by: Chris Leech <cleech@redhat.com>
---
 drivers/scsi/scsi_transport_iscsi.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

Comments

Hannes Reinecke April 11, 2023, 6:21 a.m. UTC | #1
On 4/10/23 21:10, Chris Leech wrote:
> The namespace is gone, so there is no userspace to clean up.
> Force close all the sessions.
> 
> This should be enough for software transports, there's no implementation
> of migrating physical iSCSI hosts between network namespaces currently.
> 
Ah, you shouldn't have mentioned that.
(Not quite sure how being namespace-aware relates to migration, though.)
We should be checking/modifying the iSCSI offload drivers, too.
But maybe with a later patch.

> Signed-off-by: Chris Leech <cleech@redhat.com>
> ---
>   drivers/scsi/scsi_transport_iscsi.c | 18 ++++++++++++++++++
>   1 file changed, 18 insertions(+)
> 
Reviewed-by: Hannes Reinecke <hare@suse.de>

Cheers,

Hannes
Chris Leech April 11, 2023, 6:19 p.m. UTC | #2
On Tue, Apr 11, 2023 at 08:21:22AM +0200, Hannes Reinecke wrote:
> On 4/10/23 21:10, Chris Leech wrote:
> > The namespace is gone, so there is no userspace to clean up.
> > Force close all the sessions.
> > 
> > This should be enough for software transports, there's no implementation
> > of migrating physical iSCSI hosts between network namespaces currently.
> > 
> Ah, you shouldn't have mentioned that.
> (Not quite sure how being namespace-aware relates to migration, though.)
> We should be checking/modifying the iSCSI offload drivers, too.
> But maybe with a later patch.

I shouldn't have left that opening ;-)

The idea with this design is to keep everything rooted on the
iscsi_host, and for physical HBAs those stay assigned to init_net.
With this patch set, offload drivers remain unusable in a net namespace
other than init_net. They simply are not visible.

By migration, I was implying the possibilty of assigment of an HBA
iscsi_host into a namespace like you can do with a network interface.
Such an iscsi_host would then need to be migrated back to init_net on
namespace exit.

I don't think it works to try and share an iscsi_host across namespaces,
and manage different sessions. The iSCSI HBAs have a limited number of
network configurations, exposed as iscsi_iface objects, and I don't want
to go down the road of figuring out how to share those.

- Chris
Hannes Reinecke April 12, 2023, 6:02 a.m. UTC | #3
On 4/11/23 20:19, Chris Leech wrote:
> On Tue, Apr 11, 2023 at 08:21:22AM +0200, Hannes Reinecke wrote:
>> On 4/10/23 21:10, Chris Leech wrote:
>>> The namespace is gone, so there is no userspace to clean up.
>>> Force close all the sessions.
>>>
>>> This should be enough for software transports, there's no implementation
>>> of migrating physical iSCSI hosts between network namespaces currently.
>>>
>> Ah, you shouldn't have mentioned that.
>> (Not quite sure how being namespace-aware relates to migration, though.)
>> We should be checking/modifying the iSCSI offload drivers, too.
>> But maybe with a later patch.
> 
> I shouldn't have left that opening ;-)
> 
> The idea with this design is to keep everything rooted on the
> iscsi_host, and for physical HBAs those stay assigned to init_net.
> With this patch set, offload drivers remain unusable in a net namespace
> other than init_net. They simply are not visible.
> 
> By migration, I was implying the possibilty of assigment of an HBA
> iscsi_host into a namespace like you can do with a network interface.
> Such an iscsi_host would then need to be migrated back to init_net on
> namespace exit.
> 
> I don't think it works to try and share an iscsi_host across namespaces,
> and manage different sessions. The iSCSI HBAs have a limited number of
> network configurations, exposed as iscsi_iface objects, and I don't want
> to go down the road of figuring out how to share those.
> 
Ah, yes, indeed.

Quite some iSCSI offloads create the network session internally (or 
don't even have one), so making them namespace aware will be tricky.

But then I guess we should avoid creating offload sessions from other 
namespaces; preferably by a patch for the kernel such that userspace can 
run unmodified.

Cheers,

Hannes
diff mbox series

Patch

diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
index 3a068d8eca2d..8fafa8f0e0df 100644
--- a/drivers/scsi/scsi_transport_iscsi.c
+++ b/drivers/scsi/scsi_transport_iscsi.c
@@ -5200,9 +5200,27 @@  static int __net_init iscsi_net_init(struct net *net)
 
 static void __net_exit iscsi_net_exit(struct net *net)
 {
+	struct iscsi_cls_session *session, *tmp;
+	struct iscsi_transport *transport;
 	struct iscsi_net *isn;
+	unsigned long flags;
+	LIST_HEAD(sessions);
 
 	isn = net_generic(net, iscsi_net_id);
+
+	/* force session destruction, there is no userspace anymore */
+	spin_lock_irqsave(&isn->sesslock, flags);
+	list_for_each_entry_safe(session, tmp, &isn->sesslist, sess_list) {
+		list_move_tail(&session->sess_list, &sessions);
+	}
+	spin_unlock_irqrestore(&isn->sesslock, flags);
+	list_for_each_entry_safe(session, tmp, &sessions, sess_list) {
+		device_for_each_child(&session->dev, NULL,
+				      iscsi_iter_force_destroy_conn_fn);
+		transport = session->transport;
+		transport->destroy_session(session);
+	}
+
 	netlink_kernel_release(isn->nls);
 	isn->nls = NULL;
 }