From patchwork Fri May 10 06:36:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wenbin Zeng X-Patchwork-Id: 1097847 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Wed4E5pO"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 450gVW1LPqz9sBr for ; Fri, 10 May 2019 16:37:07 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727096AbfEJGhD (ORCPT ); Fri, 10 May 2019 02:37:03 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:39775 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727080AbfEJGhD (ORCPT ); Fri, 10 May 2019 02:37:03 -0400 Received: by mail-pg1-f193.google.com with SMTP id w22so2506531pgi.6; Thu, 09 May 2019 23:37:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=zLdDfcuD8HJ6Gnz5XFclI1wW6NCmbCtA5LfOLEb3XOU=; b=Wed4E5pOWrD7XVDE4H4yqGlfRAyjKQcvhGqFo5bLHStJSijC3WZ0ggU8d64oDNXp6z Jj3muWk56f0OAHfmz5Sgp3rrpANuLj85FrfG8oEPwB9YW424ubwyVW1Tkzs14bSpG5oO lzRosd/80AIg2tF4WGhQ7MmvhyZM5Qv3FcgCREMUJEcnQddsRXOMyUCott4PTuhISIXW op4eQaLxadv9/yPYQ3pPjE2Fl7ZSr6OySE2vta4oxNs8IFzIFxPLXtoN5ly2oQy2Uikr 5NorPvALvRzePopDsk4jTLhi6KVdnBZzZkwbq/0hMnyYXfUXBFRwSKSIZiG3mkzDZtZW NNGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=zLdDfcuD8HJ6Gnz5XFclI1wW6NCmbCtA5LfOLEb3XOU=; b=k6odyvy8eKyEQZ3MDGdb1ByyendRWPwFbwaYMnIJ4ttdo/pna4WlRyZu4EMHLapydJ 4LKC8mNsGJDh/neSYmrvp9RmQCFG0z8cNmM3YEmBqvl97MQR/CdTMnqoNqZmE1l0EeIy icqhXnpWIK/bMSuelGUGR+SOzlYq2DcQy7TFZ8KMVXJOSySbcJSwrIHOmMQ2o2Ln9cFa CJaeVTp/+XiXr93SNRsjcmkojZWe1T2zYuegeEc3iz2TjufkjHLLuNIKAqL/ft0i9DWo CHSxMY0AV3LW9REUpTA40HrIy8qhDYkM/zjBwGSFE8iXydzFTfugX04/MR9vHpBtNzvQ TKiw== X-Gm-Message-State: APjAAAWzTuXDL3AC3voi89ZnkLgLOeWPsJv0OV2x242aBZ7yDfz/AyKC TrvuCKehS1hqBBzTzifCK0E= X-Google-Smtp-Source: APXvYqz9O37wiP/z0WGDMk6JfJvn0KMws35Bec0ftiK5yJUjYh+LUgDOkcNwtt9qThkYL3tcOsIsug== X-Received: by 2002:a63:d343:: with SMTP id u3mr11525240pgi.285.1557470222385; Thu, 09 May 2019 23:37:02 -0700 (PDT) Received: from bridge.localdomain ([119.28.31.106]) by smtp.gmail.com with ESMTPSA id v6sm4469263pgi.88.2019.05.09.23.36.58 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 May 2019 23:37:01 -0700 (PDT) From: Wenbin Zeng X-Google-Original-From: Wenbin Zeng To: bfields@fieldses.org, viro@zeniv.linux.org.uk, davem@davemloft.net Cc: jlayton@kernel.org, trond.myklebust@hammerspace.com, anna.schumaker@netapp.com, wenbinzeng@tencent.com, dsahern@gmail.com, nicolas.dichtel@6wind.com, willy@infradead.org, edumazet@google.com, jakub.kicinski@netronome.com, tyhicks@canonical.com, chuck.lever@oracle.com, neilb@suse.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-nfs@vger.kernel.org Subject: [PATCH v2 1/3] nsfs: add evict callback into struct proc_ns_operations Date: Fri, 10 May 2019 14:36:01 +0800 Message-Id: <1557470163-30071-2-git-send-email-wenbinzeng@tencent.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> References: <1556692945-3996-1-git-send-email-wenbinzeng@tencent.com> <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The newly added evict callback shall be called by nsfs_evict(). Currently only put() callback is called in nsfs_evict(), it is not able to release all netns refcount, for example, a rpc client holds two netns refcounts, these refcounts are supposed to be released when the rpc client is freed, but the code to free rpc client is normally triggered by put() callback only when netns refcount gets to 0, specifically: refcount=0 -> cleanup_net() -> ops_exit_list -> free rpc client But netns refcount will never get to 0 before rpc client gets freed, to break the deadlock, the code to free rpc client can be put into the newly added evict callback. Signed-off-by: Wenbin Zeng --- fs/nsfs.c | 2 ++ include/linux/proc_ns.h | 1 + 2 files changed, 3 insertions(+) diff --git a/fs/nsfs.c b/fs/nsfs.c index 60702d6..a122288 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -48,6 +48,8 @@ static void nsfs_evict(struct inode *inode) { struct ns_common *ns = inode->i_private; clear_inode(inode); + if (ns->ops->evict) + ns->ops->evict(ns); ns->ops->put(ns); } diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index d31cb62..919f0d4 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -19,6 +19,7 @@ struct proc_ns_operations { int type; struct ns_common *(*get)(struct task_struct *task); void (*put)(struct ns_common *ns); + void (*evict)(struct ns_common *ns); int (*install)(struct nsproxy *nsproxy, struct ns_common *ns); struct user_namespace *(*owner)(struct ns_common *ns); struct ns_common *(*get_parent)(struct ns_common *ns); From patchwork Fri May 10 06:36:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wenbin Zeng X-Patchwork-Id: 1097848 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="LUHea/+g"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 450gVc69Xhz9sD4 for ; Fri, 10 May 2019 16:37:12 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727128AbfEJGhI (ORCPT ); Fri, 10 May 2019 02:37:08 -0400 Received: from mail-pf1-f196.google.com ([209.85.210.196]:44803 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727080AbfEJGhI (ORCPT ); Fri, 10 May 2019 02:37:08 -0400 Received: by mail-pf1-f196.google.com with SMTP id g9so2662507pfo.11; Thu, 09 May 2019 23:37:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xdrfU3jBA/RaTefpguhrn0FDqFx10ulzhdJD8aISx+c=; b=LUHea/+gXaK+ldcCF1TiORDqUzjf3Qltryz8swWImZoJDp/+LE9B4dViupdCxI9GzP Vaef4tuHn6gDIR7CX5mieXSFPRgRdapU2NW0I9VjJTBE+X+pUVaCDvsuixld/TtLkZeG Y7ZDrq5xz9rWlYGvowW1GgaIy1xaVOIXkhDU4dT4ga9ito1Xg/L9Rooy0hbAMX+Y9EX7 9SVKTzAVdUpnJw+M8S6sM0n2Ybd73KzsOtz4JJ6fmj/pyc7dQrNIE1Z4GyA58eN0IPdr sJG1+ZXq4mYVNJO02swLUlaFTq72YvYeDL4fmJaPJEJ3y81+ZZDiO6bEVolgLqiwJshb ovbg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xdrfU3jBA/RaTefpguhrn0FDqFx10ulzhdJD8aISx+c=; b=XE5FM9nimTqxuj5KP6rkgoqbQyJgOUSQ74PukBx1yrhETrefYWjas7mZgsxR6gRFYW 2vDUHtMv57NGpVZZad9DevMnPjJjUSs9PjyJS7NEj3sFI0ZmPx1EDKoLbRuvsBfiWMTq pOxKDcLB8Z0idgEj02SJptsInHapkDC+9Ul3VEZJ/dbSoYYlH7dJevgZ35okx7nL0NWO YExDRZGzw1WdKXbdSSXQiKT+IGXpl/QPOkalnQ3UVgehrPrdnIrPODPsSUCrxfdvDdJB t3k9fXepEV46N8jO3Vb4nmI6hve1mpDig55BMnva5xO/UILspZtqbxONocj6BE0feuXx FSpg== X-Gm-Message-State: APjAAAXPpeaw4rKSsmWqHPZfc6wUO8DJ9mavMMVMm5dORlmi9piVUUra Wl6cjhi3OaNs6gXvI9wZTGQ= X-Google-Smtp-Source: APXvYqwEg2W/ONGhmSKEJ4iAryMnClEs/wpvuLAXoKejUtG4t1tjei2Q47PD83+u7r3ZvEdDfrqSqw== X-Received: by 2002:a62:5b81:: with SMTP id p123mr12002969pfb.158.1557470227343; Thu, 09 May 2019 23:37:07 -0700 (PDT) Received: from bridge.localdomain ([119.28.31.106]) by smtp.gmail.com with ESMTPSA id v6sm4469263pgi.88.2019.05.09.23.37.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 May 2019 23:37:06 -0700 (PDT) From: Wenbin Zeng X-Google-Original-From: Wenbin Zeng To: bfields@fieldses.org, viro@zeniv.linux.org.uk, davem@davemloft.net Cc: jlayton@kernel.org, trond.myklebust@hammerspace.com, anna.schumaker@netapp.com, wenbinzeng@tencent.com, dsahern@gmail.com, nicolas.dichtel@6wind.com, willy@infradead.org, edumazet@google.com, jakub.kicinski@netronome.com, tyhicks@canonical.com, chuck.lever@oracle.com, neilb@suse.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-nfs@vger.kernel.org Subject: [PATCH v2 2/3] netns: add netns_evict into netns_operations Date: Fri, 10 May 2019 14:36:02 +0800 Message-Id: <1557470163-30071-3-git-send-email-wenbinzeng@tencent.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> References: <1556692945-3996-1-git-send-email-wenbinzeng@tencent.com> <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The newly added netns_evict() shall be called when the netns inode being evicted. It provides another path to release netns refcounts, previously netns_put() is the only choice, but it is not able to release all netns refcount, for example, a rpc client holds two netns refcounts, these refcounts are supposed to be released when the rpc client is freed, but the code to free rpc client is normally triggered by put() callback only when netns refcount gets to 0, specifically: refcount=0 -> cleanup_net() -> ops_exit_list -> free rpc client But netns refcount will never get to 0 before rpc client gets freed, to break the deadlock, the code to free rpc client can be put into the newly added netns_evict. Signed-off-by: Wenbin Zeng Acked-by: David S. Miller --- include/net/net_namespace.h | 1 + net/core/net_namespace.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 12689dd..c44306a 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -357,6 +357,7 @@ struct pernet_operations { int (*init)(struct net *net); void (*exit)(struct net *net); void (*exit_batch)(struct list_head *net_exit_list); + void (*evict)(struct net *net); unsigned int *id; size_t size; }; diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 7e6dcc6..0626fc4 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -1296,6 +1296,17 @@ static void netns_put(struct ns_common *ns) put_net(to_net_ns(ns)); } +static void netns_evict(struct ns_common *ns) +{ + struct net *net = to_net_ns(ns); + const struct pernet_operations *ops; + + list_for_each_entry_reverse(ops, &pernet_list, list) { + if (ops->evict) + ops->evict(net); + } +} + static int netns_install(struct nsproxy *nsproxy, struct ns_common *ns) { struct net *net = to_net_ns(ns); @@ -1319,6 +1330,7 @@ static struct user_namespace *netns_owner(struct ns_common *ns) .type = CLONE_NEWNET, .get = netns_get, .put = netns_put, + .evict = netns_evict, .install = netns_install, .owner = netns_owner, }; From patchwork Fri May 10 06:36:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wenbin Zeng X-Patchwork-Id: 1097849 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="r59rDHqt"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 450gVj4tRBz9sBr for ; Fri, 10 May 2019 16:37:17 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727156AbfEJGhO (ORCPT ); Fri, 10 May 2019 02:37:14 -0400 Received: from mail-pf1-f195.google.com ([209.85.210.195]:44810 "EHLO mail-pf1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726873AbfEJGhN (ORCPT ); Fri, 10 May 2019 02:37:13 -0400 Received: by mail-pf1-f195.google.com with SMTP id g9so2662609pfo.11; Thu, 09 May 2019 23:37:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tZpDbbxPQIQaiTEJ/QF3eG59ACeQtX21Wr99/jZNM7o=; b=r59rDHqtOd7p+7W9lwVnV5p8DCUR6qGWm1fA+Se52beD9X8hdi5gXvUCA/jU5nhPDl WF3brRF3Y+iKrRQCfzoL7srTYKFWGrF4/+JKPn2GZDDQMP4Y32QZVWgJ8fpzz4JHDC/j UxJliP3I3+QfBu346rmvtNAiw8aEa1KrCRxRBDErVdos5adye4rfGww0oten6Smdy2Cj oRf6DSnhVd+Y6RzhNRsT2Nb/KrQ6xDm+2pd9qCCNTDMNtvZgf8j7kRKGEcMUqsJRXHGV /FycWZVKTUm+USwcg0lSigbRGpnzCfKUYsrXV5HD2U4o1IWUz3kIm9Cr1Z6V51X6yv0X 4HPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tZpDbbxPQIQaiTEJ/QF3eG59ACeQtX21Wr99/jZNM7o=; b=o8qNj3xgEwnmTliR1dgcmSsIgabDiB48PR/bKu3qYkeqqrP3S7DqY4ekTsZWbtwDaU 3SHTjplOcRo4lp2nOLaMnxafxuMREZRcHfTrvQMK84xJc+rHCyyker/ONZfnuvZEOzOs JgcwslPXGLoWPdGzmlokmrLOKfGVMRrmMnPn/EgOl9ICTaGBJQBSvCkZyVvG89+UHK0w GBoYkgQ+rrJwsulm2tDwuPV5WMeeTwtJSRUHScX+F0RHVaTBgBWqRy9ypCCeeFtFQnu7 xGR1j7qPmPoK87kcH9oZ+xKijpFDya2bDuw/k4m3igXSAcPtkPBkzrTPjU/tDi/pUh+l 4+lw== X-Gm-Message-State: APjAAAVbfGLXmDEeaWxM1ERhu366o6KIDMqeqGS8NpctOzZKVLPH/4qQ cZl0aS7tsDnvthd8m7YpMs8= X-Google-Smtp-Source: APXvYqyTPtOYvxSUX3bbrvCZ4KxRbJM8QDJZj2fhpRLkLZL3C4WBC0szcESYnw8qQPdTbioxaatmIw== X-Received: by 2002:a63:2124:: with SMTP id h36mr11608289pgh.186.1557470232308; Thu, 09 May 2019 23:37:12 -0700 (PDT) Received: from bridge.localdomain ([119.28.31.106]) by smtp.gmail.com with ESMTPSA id v6sm4469263pgi.88.2019.05.09.23.37.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 May 2019 23:37:11 -0700 (PDT) From: Wenbin Zeng X-Google-Original-From: Wenbin Zeng To: bfields@fieldses.org, viro@zeniv.linux.org.uk, davem@davemloft.net Cc: jlayton@kernel.org, trond.myklebust@hammerspace.com, anna.schumaker@netapp.com, wenbinzeng@tencent.com, dsahern@gmail.com, nicolas.dichtel@6wind.com, willy@infradead.org, edumazet@google.com, jakub.kicinski@netronome.com, tyhicks@canonical.com, chuck.lever@oracle.com, neilb@suse.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-nfs@vger.kernel.org Subject: [PATCH v2 3/3] auth_gss: fix deadlock that blocks rpcsec_gss_exit_net when use-gss-proxy==1 Date: Fri, 10 May 2019 14:36:03 +0800 Message-Id: <1557470163-30071-4-git-send-email-wenbinzeng@tencent.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> References: <1556692945-3996-1-git-send-email-wenbinzeng@tencent.com> <1557470163-30071-1-git-send-email-wenbinzeng@tencent.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org When use-gss-proxy is set to 1, write_gssp() creates a rpc client in gssp_rpc_create(), this increases netns refcount by 2, these refcounts are supposed to be released in rpcsec_gss_exit_net(), but it will never happen because rpcsec_gss_exit_net() is triggered only when netns refcount gets to 0, specifically: refcount=0 -> cleanup_net() -> ops_exit_list -> rpcsec_gss_exit_net It is a deadlock situation here, refcount will never get to 0 unless rpcsec_gss_exit_net() is called. This fix introduced a new callback i.e. evict in struct proc_ns_operations, which is called in nsfs_evict. Moving rpcsec_gss_exit_net to evict path gives it a chance to get called and avoids the above deadlock situation. Signed-off-by: Wenbin Zeng --- net/sunrpc/auth_gss/auth_gss.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index 3fd56c0..3e6bd59 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c @@ -2136,14 +2136,17 @@ static __net_init int rpcsec_gss_init_net(struct net *net) return gss_svc_init_net(net); } -static __net_exit void rpcsec_gss_exit_net(struct net *net) +static void rpcsec_gss_evict_net(struct net *net) { - gss_svc_shutdown_net(net); + struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); + + if (sn->gssp_clnt) + gss_svc_shutdown_net(net); } static struct pernet_operations rpcsec_gss_net_ops = { .init = rpcsec_gss_init_net, - .exit = rpcsec_gss_exit_net, + .evict = rpcsec_gss_evict_net, }; /*