tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

xfrm: check all hash buckets for leftover states during netns deletion

The current hlist_empty checks only test the first bucket of each
hashtable, ignoring any other bucket. They should be caught by the
WARN_ON for state_all, but better to make all the checks accurate.

Fixes: 73d189dce486 ("netns xfrm: per-netns xfrm_state_bydst hash")
Fixes: d320bbb306f2 ("netns xfrm: per-netns xfrm_state_bysrc hash")
Fixes: b754a4fd8f58 ("netns xfrm: per-netns xfrm_state_byspi hash")
Fixes: fe9f1d8779cb ("xfrm: add state hashtable keyed by seq")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

authored by

Sabrina Dubroca and committed by
Steffen Klassert f2bc8231 1dcf617b

+8 -4
+8 -4
net/xfrm/xfrm_state.c
··· 3308 3308 void xfrm_state_fini(struct net *net) 3309 3309 { 3310 3310 unsigned int sz; 3311 + int i; 3311 3312 3312 3313 flush_work(&net->xfrm.state_hash_work); 3313 3314 xfrm_state_flush(net, 0, false); ··· 3316 3315 3317 3316 WARN_ON(!list_empty(&net->xfrm.state_all)); 3318 3317 3318 + for (i = 0; i <= net->xfrm.state_hmask; i++) { 3319 + WARN_ON(!hlist_empty(net->xfrm.state_byseq + i)); 3320 + WARN_ON(!hlist_empty(net->xfrm.state_byspi + i)); 3321 + WARN_ON(!hlist_empty(net->xfrm.state_bysrc + i)); 3322 + WARN_ON(!hlist_empty(net->xfrm.state_bydst + i)); 3323 + } 3324 + 3319 3325 sz = (net->xfrm.state_hmask + 1) * sizeof(struct hlist_head); 3320 - WARN_ON(!hlist_empty(net->xfrm.state_byseq)); 3321 3326 xfrm_hash_free(net->xfrm.state_byseq, sz); 3322 - WARN_ON(!hlist_empty(net->xfrm.state_byspi)); 3323 3327 xfrm_hash_free(net->xfrm.state_byspi, sz); 3324 - WARN_ON(!hlist_empty(net->xfrm.state_bysrc)); 3325 3328 xfrm_hash_free(net->xfrm.state_bysrc, sz); 3326 - WARN_ON(!hlist_empty(net->xfrm.state_bydst)); 3327 3329 xfrm_hash_free(net->xfrm.state_bydst, sz); 3328 3330 free_percpu(net->xfrm.state_cache_input); 3329 3331 }