Commit 6c36b5c2 authored by Eric Dumazet's avatar Eric Dumazet Committed by Jakub Kicinski
Browse files

net: tipc: remove one synchronize_net() from tipc_nametbl_stop() 



tipc_exit_net() is very slow and is abused by syzbot.

tipc_nametbl_stop() is called for each netns being dismantled.

Calling synchronize_net() right before freeing tn->nametbl
is a big hammer.

Replace this with kfree_rcu().

Note that RCU is not properly used here, otherwise
tn->nametbl should be cleared before the synchronize_net()
or kfree_rcu(), or even before the cleanup loop.

We might need to fix this at some point.

Also note tipc uses other synchronize_rcu() calls,
more work is needed to make tipc_exit_net() much faster.

List of remaining calls to synchronize_rcu()

  tipc_detach_loopback() (dev_remove_pack())
  tipc_bcast_stop()
  tipc_sk_rht_destroy()

Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20241204210234.319484-1-edumazet@google.com


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent e36d46b9

net/tipc/name_table.c

+2 −2
Original line number Diff line number Diff line
@@ -949,8 +949,8 @@ void tipc_nametbl_stop(struct net *net) 
	}

	spin_unlock_bh(&tn->nametbl_lock);



	synchronize_net();

	kfree(nt);

	/* TODO: clear tn->nametbl, implement proper RCU rules ? */

	kfree_rcu(nt, rcu);

}



static int __tipc_nl_add_nametable_publ(struct tipc_nl_msg *msg,

net/tipc/name_table.h

+2 −0
Original line number Diff line number Diff line
@@ -90,6 +90,7 @@ struct publication { 


/**

 * struct name_table - table containing all existing port name publications

 * @rcu: RCU callback head used for deferred freeing

 * @services: name sequence hash lists

 * @node_scope: all local publications with node scope

 *               - used by name_distr during re-init of name table
@@ -102,6 +103,7 @@ struct publication { 
 * @snd_nxt: next sequence number to be used

 */

struct name_table {

	struct rcu_head rcu;

	struct hlist_head services[TIPC_NAMETBL_SIZE];

	struct list_head node_scope;

	struct list_head cluster_scope;