On 10/21/19 8:33 PM, Hoang Le wrote:
> Hi Eric,
>
> Thanks for quick feedback.
> See my inline answer.
>
> Regards,
> Hoang
> -----Original Message-----
> From: Eric Dumazet <eric.duma...@gmail.com>
> Sent: Tuesday, October 22, 2019 9:41 AM
> To: Hoang Le <hoang.h...@dektech.com.au>; jon.ma...@ericsson.com;
> ma...@donjonn.com; tipc-discuss...@lists.sourceforge.net;
> netdev@vger.kernel.org
> Subject: Re: [net-next] tipc: improve throughput between nodes in netns
>
>
> On 10/21/19 7:20 PM, Hoang Le wrote:
>> n->net = net;
>> n->capabilities = capabilities;
>> + n->pnet = NULL;
>> + for_each_net_rcu(tmp) {
>
> This does not scale well, if say you have a thousand netns ?
> [Hoang] This check execs only once at setup step. So we get no problem with
> huge namespaces.
>
>> + tn_peer = net_generic(tmp, tipc_net_id);
>> + if (!tn_peer)
>> + continue;
>> + /* Integrity checking whether node exists in namespace or not */
>> + if (tn_peer->net_id != tn->net_id)
>> + continue;
>> + if (memcmp(peer_id, tn_peer->node_id, NODE_ID_LEN))
>> + continue;
>> +
>> + hash_chk = tn_peer->random;
>> + hash_chk ^= net_hash_mix(&init_net);
>
> Why the xor with net_hash_mix(&init_net) is needed ?
> [Hoang] We're trying to eliminate a sniff at injectable discovery message.
> Building hash-mixes as much as possible is to prevent fake discovery messages.
>
>> + hash_chk ^= net_hash_mix(tmp);
>> + if (hash_chk ^ hash_mixes)
>> + continue;
>> + n->pnet = tmp;
>> + break;
>> + }
>
>
> How can we set n->pnet without increasing netns ->count ?
> Using check_net() later might trigger an use-after-free.
>
> [Hoang] In this case, peer node is down. I assume the tipc xmit function
> already bypassed these lines.
>
I assume nothing. I prefer evidences :)
It seems that the netns could go down later, you need some
kind of notifier to be able to purge queues/objects having a pointer to a
dismantling netns.
Keeping pointers without proper refcount (get_net() or maybe_get_net()) is a
recipe for disasters.
