Message ID | 148045748887.22539.3188295553967836703.stgit@sifl |
---|---|
State | Changes Requested, archived |
Delegated to: | David Miller |
Headers | show |
On Tue, Nov 29, 2016 at 5:11 PM, Paul Moore <pmoore@redhat.com> wrote: > From: Paul Moore <paul@paul-moore.com> > > Bring back commit bc51dddf98c9 ("netns: avoid disabling irq for netns > id") now that we've fixed some audit multicast issues that caused > problems with original attempt. Additional information, and history, > can be found in the links below: > > * https://github.com/linux-audit/audit-kernel/issues/22 > * https://github.com/linux-audit/audit-kernel/issues/23 > > Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> > Signed-off-by: Paul Moore <paul@paul-moore.com> > --- > net/core/net_namespace.c | 35 +++++++++++++++-------------------- > 1 file changed, 15 insertions(+), 20 deletions(-) Cong Wang, I added your sign-off to the patch since you were the original author, if you would prefer I leave it off or want it changed just let me know. David/netdev, since this depends on a bunch of audit changes (about nine patches) I went ahead and just merged this into the audit#next branch. If you have a problem with that let me know.
On Tue, Nov 29, 2016 at 2:14 PM, Paul Moore <pmoore@redhat.com> wrote: > On Tue, Nov 29, 2016 at 5:11 PM, Paul Moore <pmoore@redhat.com> wrote: >> From: Paul Moore <paul@paul-moore.com> >> >> Bring back commit bc51dddf98c9 ("netns: avoid disabling irq for netns >> id") now that we've fixed some audit multicast issues that caused >> problems with original attempt. Additional information, and history, >> can be found in the links below: >> >> * https://github.com/linux-audit/audit-kernel/issues/22 >> * https://github.com/linux-audit/audit-kernel/issues/23 >> >> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> >> Signed-off-by: Paul Moore <paul@paul-moore.com> >> --- >> net/core/net_namespace.c | 35 +++++++++++++++-------------------- >> 1 file changed, 15 insertions(+), 20 deletions(-) > > Cong Wang, I added your sign-off to the patch since you were the > original author, if you would prefer I leave it off or want it changed > just let me know. Thanks for not forgetting it. I am fine with signed-off-by.
From: Paul Moore <pmoore@redhat.com> Date: Tue, 29 Nov 2016 17:11:29 -0500 > From: Paul Moore <paul@paul-moore.com> > > Bring back commit bc51dddf98c9 ("netns: avoid disabling irq for netns > id") now that we've fixed some audit multicast issues that caused > problems with original attempt. Additional information, and history, > can be found in the links below: > > * https://github.com/linux-audit/audit-kernel/issues/22 > * https://github.com/linux-audit/audit-kernel/issues/23 > > Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> > Signed-off-by: Paul Moore <paul@paul-moore.com> This doesn't apply cleanly to the net-next tree, could you please respin? Thanks.
On Wed, Nov 30, 2016 at 2:58 PM, David Miller <davem@davemloft.net> wrote: > From: Paul Moore <pmoore@redhat.com> > Date: Tue, 29 Nov 2016 17:11:29 -0500 > >> From: Paul Moore <paul@paul-moore.com> >> >> Bring back commit bc51dddf98c9 ("netns: avoid disabling irq for netns >> id") now that we've fixed some audit multicast issues that caused >> problems with original attempt. Additional information, and history, >> can be found in the links below: >> >> * https://github.com/linux-audit/audit-kernel/issues/22 >> * https://github.com/linux-audit/audit-kernel/issues/23 >> >> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> >> Signed-off-by: Paul Moore <paul@paul-moore.com> > > This doesn't apply cleanly to the net-next tree, could you please > respin? As I mentioned in a reply to the patch posting, because this relies on a number of patches in the audit tree I've gone ahead and merged this patch into the audit#next branch. Unless you have any objections, I'll send this to Linus with the rest of the v4.10 audit patches.
From: Paul Moore <pmoore@redhat.com> Date: Wed, 30 Nov 2016 15:35:46 -0500 > On Wed, Nov 30, 2016 at 2:58 PM, David Miller <davem@davemloft.net> wrote: >> From: Paul Moore <pmoore@redhat.com> >> Date: Tue, 29 Nov 2016 17:11:29 -0500 >> >>> From: Paul Moore <paul@paul-moore.com> >>> >>> Bring back commit bc51dddf98c9 ("netns: avoid disabling irq for netns >>> id") now that we've fixed some audit multicast issues that caused >>> problems with original attempt. Additional information, and history, >>> can be found in the links below: >>> >>> * https://github.com/linux-audit/audit-kernel/issues/22 >>> * https://github.com/linux-audit/audit-kernel/issues/23 >>> >>> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> >>> Signed-off-by: Paul Moore <paul@paul-moore.com> >> >> This doesn't apply cleanly to the net-next tree, could you please >> respin? > > As I mentioned in a reply to the patch posting, because this relies on > a number of patches in the audit tree I've gone ahead and merged this > patch into the audit#next branch. Unless you have any objections, > I'll send this to Linus with the rest of the v4.10 audit patches. That's fine with me.
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 2c2eb1b..10608dd 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -213,14 +213,13 @@ static void rtnl_net_notifyid(struct net *net, int cmd, int id); */ int peernet2id_alloc(struct net *net, struct net *peer) { - unsigned long flags; bool alloc; int id; - spin_lock_irqsave(&net->nsid_lock, flags); + spin_lock_bh(&net->nsid_lock); alloc = atomic_read(&peer->count) == 0 ? false : true; id = __peernet2id_alloc(net, peer, &alloc); - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); if (alloc && id >= 0) rtnl_net_notifyid(net, RTM_NEWNSID, id); return id; @@ -230,12 +229,11 @@ EXPORT_SYMBOL(peernet2id_alloc); /* This function returns, if assigned, the id of a peer netns. */ int peernet2id(struct net *net, struct net *peer) { - unsigned long flags; int id; - spin_lock_irqsave(&net->nsid_lock, flags); + spin_lock_bh(&net->nsid_lock); id = __peernet2id(net, peer); - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); return id; } @@ -249,18 +247,17 @@ bool peernet_has_id(struct net *net, struct net *peer) struct net *get_net_ns_by_id(struct net *net, int id) { - unsigned long flags; struct net *peer; if (id < 0) return NULL; rcu_read_lock(); - spin_lock_irqsave(&net->nsid_lock, flags); + spin_lock_bh(&net->nsid_lock); peer = idr_find(&net->netns_ids, id); if (peer) get_net(peer); - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); rcu_read_unlock(); return peer; @@ -404,17 +401,17 @@ static void cleanup_net(struct work_struct *work) for_each_net(tmp) { int id; - spin_lock_irq(&tmp->nsid_lock); + spin_lock_bh(&tmp->nsid_lock); id = __peernet2id(tmp, net); if (id >= 0) idr_remove(&tmp->netns_ids, id); - spin_unlock_irq(&tmp->nsid_lock); + spin_unlock_bh(&tmp->nsid_lock); if (id >= 0) rtnl_net_notifyid(tmp, RTM_DELNSID, id); } - spin_lock_irq(&net->nsid_lock); + spin_lock_bh(&net->nsid_lock); idr_destroy(&net->netns_ids); - spin_unlock_irq(&net->nsid_lock); + spin_unlock_bh(&net->nsid_lock); } rtnl_unlock(); @@ -542,7 +539,6 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh) { struct net *net = sock_net(skb->sk); struct nlattr *tb[NETNSA_MAX + 1]; - unsigned long flags; struct net *peer; int nsid, err; @@ -563,15 +559,15 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh) if (IS_ERR(peer)) return PTR_ERR(peer); - spin_lock_irqsave(&net->nsid_lock, flags); + spin_lock_bh(&net->nsid_lock); if (__peernet2id(net, peer) >= 0) { - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); err = -EEXIST; goto out; } err = alloc_netid(net, peer, nsid); - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); if (err >= 0) { rtnl_net_notifyid(net, RTM_NEWNSID, err); err = 0; @@ -693,11 +689,10 @@ static int rtnl_net_dumpid(struct sk_buff *skb, struct netlink_callback *cb) .idx = 0, .s_idx = cb->args[0], }; - unsigned long flags; - spin_lock_irqsave(&net->nsid_lock, flags); + spin_lock_bh(&net->nsid_lock); idr_for_each(&net->netns_ids, rtnl_net_dumpid_one, &net_cb); - spin_unlock_irqrestore(&net->nsid_lock, flags); + spin_unlock_bh(&net->nsid_lock); cb->args[0] = net_cb.idx; return skb->len;