Page MenuHomeFreeBSD
Differential D28705

Fix ifa refcount leak in ifa_ifwithnet()
ClosedPublic
Actions

Authored by rstone on Feb 16 2021, 4:19 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Apr 17, 12:10 PM
Unknown Object (File)
Thu, Apr 11, 9:27 AM
Unknown Object (File)
Mar 7 2024, 11:48 PM
Unknown Object (File)
Jan 16 2024, 3:48 AM
Unknown Object (File)
Sep 14 2023, 9:21 PM
Unknown Object (File)
Sep 10 2023, 7:51 AM
Unknown Object (File)
Aug 20 2023, 2:23 AM
Unknown Object (File)
Aug 5 2023, 2:40 PM
View All 22 Files
Subscribers
ae
glebius
imp
melifaro
mjg

Details

Reviewers
melifaro
Group Reviewers
network
Commits
rG617729314af3: Fix ifa refcount leak in ifa_ifwithnet()
rG5adea417d494: Fix ifa refcount leak in ifa_ifwithnet()
Summary

In 4f6c66cc9c75c8, ifa_ifwithnet() was changed to no longer
ifa_ref() the returned ifaddr, and instead the caller was required
to stay in the net_epoch for as long as they wanted the ifaddr
to remain valid. However, this missed the case where an AF_LINK
lookup would call ifaddr_byindex(), which still does ifa_ref()
the ifaddr. This would cause a refcount leak.

Fix this by inlining the relevant parts of ifaddr_byindex() here,
with the ifa_ref() call removed. This also avoids an unnecessary
entry and exit from the net_epoch for this case.

I've audited all in-tree consumers of ifa_ifwithnet() that could
possibly perform an AF_LINK lookup and confirmed that none of them
will expect the ifaddr to have a reference that they need to
release.

MFC after: 2 months
Sponsored by: Dell Inc

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rstone created this revision.Feb 16 2021, 4:19 PM
Herald added subscribers: melifaro, ae, imp. · View Herald TranscriptFeb 16 2021, 4:20 PM
rstone requested review of this revision.Feb 16 2021, 4:20 PM
Harbormaster completed remote builds in B37055: Diff 84019.Feb 16 2021, 4:20 PM
rstone added a reviewer: network.Feb 16 2021, 4:20 PM
rstone abandoned this revision.Feb 16 2021, 4:25 PM
rstone reclaimed this revision.Apr 27 2021, 8:00 PM

I haven't been able to find a repro scenario for the leak outside of $WORK's repo, but by inspection this fix is obviously correct so I'm reopening this.

melifaro accepted this revision.Apr 27 2021, 8:31 PM
melifaro added inline comments.
sys/net/if.c
1964–1971

Q: why moving sdl declaration outside of the block it's used?

1966

This eliminates the last caller of the ifaddr_byindex(). Do we want to retire the function as well?
If not, maybe it's worth changing the function semantic to not reference the returned ifp, to match ifnet_byindex().

This revision is now accepted and ready to land.Apr 27 2021, 8:31 PM
rstone added inline comments.May 12 2021, 7:58 PM
sys/net/if.c
1964–1971

style(9) cleanup while I'm modifying this block anyway

1966

I think that removing the function entirely makes the most sense. I'll send a follow-up review that does this.

melifaro added inline comments.May 13 2021, 4:44 PM
sys/net/if.c
1964–1971

Iirc style(9) doesn’t require this anymore

mjg added a subscriber: mjg.Dec 9 2021, 10:01 PM

is this waiting for anything?

Herald added a subscriber: glebius. · View Herald TranscriptDec 9 2021, 10:01 PM
glebius added a comment.Dec 10 2021, 2:54 AM

If @rstone timeouts in a week, I'll take a look at this.

Closed by commit rG5adea417d494: Fix ifa refcount leak in ifa_ifwithnet() (authored by rstone). · Explain WhyJan 6 2022, 8:48 PM
This revision was automatically updated to reflect the committed changes.
rstone added a commit: rG5adea417d494: Fix ifa refcount leak in ifa_ifwithnet().
rstone added a commit: rG617729314af3: Fix ifa refcount leak in ifa_ifwithnet().Mar 7 2022, 5:46 PM

Revision Contents
Changeset List

PathSize
sys/
net/
12 lines

Diff 101061

View Options

sys/net/if.c

Loading...