On Tue, Jun 19, 2018 at 6:39 AM, Davide Caratti <dcara...@redhat.com> wrote: > a recursive lock warning [1] can be observed with the following script, > > # $TC actions add action ife encode allow prio pass index 42 > IFE type 0xED3E > # $TC actions replace action ife encode allow tcindex pass index 42 > > in case the kernel was unable to run the last command (e.g. because of > the impossibility to load 'act_meta_skbtcindex'). For a similar reason, > the kernel can leak idr in the error path of tcf_ife_init(), because > tcf_idr_release() is not called after successful idr reservation: > > # $TC actions add action ife encode allow tcindex index 47 > IFE type 0xED3E > RTNETLINK answers: No such file or directory > We have an error talking to the kernel > # $TC actions add action ife encode allow tcindex index 47 > IFE type 0xED3E > RTNETLINK answers: No space left on device > We have an error talking to the kernel > # $TC actions add action ife encode use mark 7 type 0xfefe pass index 47 > IFE type 0xFEFE > RTNETLINK answers: No space left on device > We have an error talking to the kernel > > Since tcfa_lock is already taken when the action is being edited, a call > to tcf_idr_release() wrongly makes tcf_idr_cleanup() take the same lock > again. On the other hand, tcf_idr_release() needs to be called in the > error path of tcf_ife_init(), to undo the last tcf_idr_create() invocation. > Fix both problems in tcf_ife_init(). > Since the cleanup() routine can now be called when ife->params is NULL, > also add a NULL pointer check to avoid calling kfree_rcu(NULL, rcu).
Acked-by: Cong Wang <xiyou.wangc...@gmail.com>
