[ovs-git] [openvswitch/ovs] e21341: conntrack: Fix race for NAT cleanup.

Ben Pfaff noreply at github.com
Fri Mar 15 22:56:07 UTC 2019


  Branch: refs/heads/branch-2.10
  Home:   https://github.com/openvswitch/ovs
  Commit: e21341681fe3121267746c42f8afe14bb9c03e06
      https://github.com/openvswitch/ovs/commit/e21341681fe3121267746c42f8afe14bb9c03e06
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-03-15 (Fri, 15 Mar 2019)

  Changed paths:
    M lib/conntrack.c

  Log Message:
  -----------
  conntrack: Fix race for NAT cleanup.

Reference lists are not fully protected during cleanup of
NAT connections where the bucket lock is transiently not held during
list traversal.  This can lead to referencing freed memory during
cleaning from multiple contexts.  Fix this by protecting with
the existing 'cleanup' mutex in the missed cases where 'conn_clean()'
is called.  'conntrack_flush()' is converted to expiry list traversal
to support the proper bucket level protection with the 'cleanup' mutex.

The NAT exhaustion case cleanup in 'conn_not_found()' is also modified
to avoid the same issue.

Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
Reported-by: solomon <liwei.solomon at gmail.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-March/357056.html
Tested-by: solomon <liwei.solomon at gmail.com>
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>



