Re: [Devel] [PATCH VZ9] fs/fuse kio: implement zerocopy read with krpc

Ack On Wed, Sep 25, 2024 at 2:56 PM Liu Kui wrote: > > For FUSE_READ, original page vectors can be found from fuse core by > fuse request sequence number and device id. When a read request rpc > msg is sent via krpc, instead of a userspace buffer, userspace passes > fuse request sequence number,

[Devel] [PATCH VZ7 2/7] netfilter: ipset: fix performance regression in swap operation

From: Jozsef Kadlecsik The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronize_rcu() added to the swap function unnecessarily slows it down: it can safely be moved to destroy and use call_rcu()

[Devel] [PATCH VZ7 1/7] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test

From: Jozsef Kadlecsik Linkui Xiao reported that there's a race condition when ipset swap and destroy is called, which can lead to crash in add/del/test element operations. Swap then destroy are usual operations to replace a set with another one in a production system. The issue can in some case

[Devel] [PATCH VZ7 6/7] netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type

From: Jozsef Kadlecsik Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter u

[Devel] [PATCH VZ7 5/7] netns: add pre_exit method to struct pernet_operations

From: Eric Dumazet Current struct pernet_operations exit() handlers are highly discouraged to call synchronize_rcu(). There are cases where we need them, and exit_batch() does not help the common case where a single netns is dismantled. This patch leverages the existing synchronize_rcu() call i

[Devel] [PATCH VZ7 7/7] netfilter: ipset: Fix suspicious rcu_dereference_protected()

From: Jozsef Kadlecsik When destroying all sets, we are either in pernet exit phase or are executing a "destroy all sets command" from userspace. The latter was taken into account in ip_set_dereference() (nfnetlink mutex is held), but the former was not. The patch adds the required check to rcu_d

[Devel] [PATCH VZ7 4/7] netfilter: ipset: Add list flush to cancel_gc

From: Alexander Maltsev Flushing list in cancel_gc drops references to other lists right away, without waiting for RCU to destroy list. Fixes race when referenced ipsets can't be destroyed while referring list is scheduled for destroy. Fixes: 97f7cf1cd80e ("netfilter: ipset: fix performance regr

[Devel] [PATCH VZ7 3/7] netfilter: ipset: Missing gc cancellations fixed

From: Jozsef Kadlecsik The patch fdb8e12cc2cc ("netfilter: ipset: fix performance regression in swap operation") missed to add the calls to gc cancellations at the error path of create operations and at module unload. Also, because the half of the destroy operations now executed by a function reg

[Devel] [PATCH VZ7 0/7] netfilter: ipset: Fix possible cause of memory corruption

Patch [1] fixes possible race between swap/destroy and add/del/test. Here is is possible order of events when this race can lead to double free with kfree_rcu on already freed hash bucket: # Thread 1 +-> ip_set_add +-> set = ip_set_rcu_get(xt_net(par), index) < pause > # Thread 2 ipset