flowcache: Fix resource leaks on namespace exit.

We leak an active timer, the hotcpu notifier and all allocated resources when we exit a namespace. Fix this by introducing a flow_cache_fini() function where we release the resources before we exit. Fixes: ca925cf1534e ("flowcache: Make flow cache name space aware") Reported-by: Jakub Kicinski <moorray3@wp.pl> Tested-by: Jakub Kicinski <moorray3@wp.pl> Cc: Eric Dumazet <eric.dumazet@gmail.com> Cc: Fan Du <fan.du@windriver.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Steffen Klassert <steffen.klassert@secunet.com> 2014-03-12 04:43:17 -0400
committer: David S. Miller <davem@davemloft.net> 2014-03-12 15:31:18 -0400
commit: 4a93f5095a628d812b0b30c16d7bacea1efd783c (patch)
tree: 58d93f95f1e9a63cd0b1e052ddf2e32e0c7eb390 /net
parent: 1f36fc74d87fd6b09d8326879882a60c5399fe29 (diff)
2 files changed, 25 insertions, 1 deletions
diff --git a/net/core/flow.c b/net/core/flow.c
index 102f8ea2eb6e..31cfb365e0c6 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -484,3 +484,22 @@ err:
        return -ENOMEM;
 }
 EXPORT_SYMBOL(flow_cache_init);
+void flow_cache_fini(struct net *net)
+{
+        int i;
+        struct flow_cache *fc = &net->xfrm.flow_cache_global;
+        del_timer_sync(&fc->rnd_timer);
+        unregister_hotcpu_notifier(&fc->hotcpu_notifier);
+        for_each_possible_cpu(i) {
+                struct flow_cache_percpu *fcp = per_cpu_ptr(fc->percpu, i);
+                kfree(fcp->hash_table);
+                fcp->hash_table = NULL;
+        }
+        free_percpu(fc->percpu);
+        fc->percpu = NULL;
+}
+EXPORT_SYMBOL(flow_cache_fini);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index a75fae4b045a..f02f511b7107 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2913,15 +2913,19 @@ static int __net_init xfrm_net_init(struct net *net)
        rv = xfrm_sysctl_init(net);
        if (rv < 0)
                goto out_sysctl;
+        rv = flow_cache_init(net);
+        if (rv < 0)
+                goto out;
        /* Initialize the per-net locks here */
        spin_lock_init(&net->xfrm.xfrm_state_lock);
        rwlock_init(&net->xfrm.xfrm_policy_lock);
        mutex_init(&net->xfrm.xfrm_cfg_mutex);
-        flow_cache_init(net);
        return 0;
+out:
+        xfrm_sysctl_fini(net);
 out_sysctl:
        xfrm_policy_fini(net);
 out_policy:
@@ -2934,6 +2938,7 @@ out_statistics:
 static void __net_exit xfrm_net_exit(struct net *net)
 {
+        flow_cache_fini(net);
        xfrm_sysctl_fini(net);
        xfrm_policy_fini(net);
        xfrm_state_fini(net);
author	Steffen Klassert <steffen.klassert@secunet.com>	2014-03-12 04:43:17 -0400
committer	David S. Miller <davem@davemloft.net>	2014-03-12 15:31:18 -0400
commit	4a93f5095a628d812b0b30c16d7bacea1efd783c (patch)
tree	58d93f95f1e9a63cd0b1e052ddf2e32e0c7eb390 /net
parent	1f36fc74d87fd6b09d8326879882a60c5399fe29 (diff)

diff --git a/net/core/flow.c b/net/core/flow.c index 102f8ea2eb6e..31cfb365e0c6 100644 --- a/net/core/flow.c +++ b/net/core/flow.c
@@ -484,3 +484,22 @@ err:
484	return -ENOMEM;	484	return -ENOMEM;
485	}	485	}
486	EXPORT_SYMBOL(flow_cache_init);	486	EXPORT_SYMBOL(flow_cache_init);
		487
		488	void flow_cache_fini(struct net *net)
		489	{
		490	int i;
		491	struct flow_cache *fc = &net->xfrm.flow_cache_global;
		492
		493	del_timer_sync(&fc->rnd_timer);
		494	unregister_hotcpu_notifier(&fc->hotcpu_notifier);
		495
		496	for_each_possible_cpu(i) {
		497	struct flow_cache_percpu *fcp = per_cpu_ptr(fc->percpu, i);
		498	kfree(fcp->hash_table);
		499	fcp->hash_table = NULL;
		500	}
		501
		502	free_percpu(fc->percpu);
		503	fc->percpu = NULL;
		504	}
		505	EXPORT_SYMBOL(flow_cache_fini);


diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index a75fae4b045a..f02f511b7107 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c
@@ -2913,15 +2913,19 @@ static int __net_init xfrm_net_init(struct net *net)
2913	rv = xfrm_sysctl_init(net);	2913	rv = xfrm_sysctl_init(net);
2914	if (rv < 0)	2914	if (rv < 0)
2915	goto out_sysctl;	2915	goto out_sysctl;
		2916	rv = flow_cache_init(net);
		2917	if (rv < 0)
		2918	goto out;
2916		2919
2917	/* Initialize the per-net locks here */	2920	/* Initialize the per-net locks here */
2918	spin_lock_init(&net->xfrm.xfrm_state_lock);	2921	spin_lock_init(&net->xfrm.xfrm_state_lock);
2919	rwlock_init(&net->xfrm.xfrm_policy_lock);	2922	rwlock_init(&net->xfrm.xfrm_policy_lock);
2920	mutex_init(&net->xfrm.xfrm_cfg_mutex);	2923	mutex_init(&net->xfrm.xfrm_cfg_mutex);
2921		2924
2922	flow_cache_init(net);
2923	return 0;	2925	return 0;
2924		2926
		2927	out:
		2928	xfrm_sysctl_fini(net);
2925	out_sysctl:	2929	out_sysctl:
2926	xfrm_policy_fini(net);	2930	xfrm_policy_fini(net);
2927	out_policy:	2931	out_policy:
@@ -2934,6 +2938,7 @@ out_statistics:
2934		2938
2935	static void __net_exit xfrm_net_exit(struct net *net)	2939	static void __net_exit xfrm_net_exit(struct net *net)
2936	{	2940	{
		2941	flow_cache_fini(net);
2937	xfrm_sysctl_fini(net);	2942	xfrm_sysctl_fini(net);
2938	xfrm_policy_fini(net);	2943	xfrm_policy_fini(net);
2939	xfrm_state_fini(net);	2944	xfrm_state_fini(net);