[PATCH 3/3] Compare namespaces when comparing addresses in auth_unix cache.

Rob Landley rlandley at parallels.com
Mon Apr 11 06:29:06 PDT 2011


On 04/08/2011 10:08 AM, Rob Landley wrote:
> On 04/04/2011 10:46 PM, Serge E. Hallyn wrote:
>> Does this need to take a reference?  Or is there no way for an
>> entry to outlive its netns?  It sort of looks like
>> svcauth_unix_info_release will ensure that doesn't happen, but
>> I'm not convinced because other parts of the kernel can get
>> to ip_map_init through the struct cache_detail.
> 
> When I wrote this I thought the transport's get_net() and put_net()
> would pin it, but after re-reading, the sunrpc code is disgustingly
> convoluted enough that I can't easily reconstruct my earlier reasoning.
>  I'll add a get_net() and put_net() just to not have to worry about it.

Ah-ha!

Stanislav Kinsbursky helped me reconstruct some of the reasoning: we
don't need to take a reference because we never actually dereference the
struct net *, all we do is feed them to net_eq() which just compares the
pointers for equality.  (The inline function exists so it can compile to
a constant "return 1" when configured out.)

So if the network context did go away (which still shouldn't happen
between the rpc_xprt and the struct nfs_client having references to it)
we still wouldn't have a use-after-free problem because we're not
looking at the memory, just the pointer.

So I shouldn't need to add get_net() and put_net() to the cache.  Sound
about right?

Rob


More information about the Containers mailing list