Re: [PATCH net-next v18 07/25] ovpn: implement basic TX path (UDP)

From: Antonio Quartulli
Date: Wed Feb 05 2025 - 04:11:49 EST

Next message: Colin Ian King: "[PATCH][next] scsi: mpi3mr: Fix spelling mistake "skiping" -> "skipping""
Previous message: Juergen Gross: "[PATCH] x86/xen: add FRAME_END to xen_hypercall_hvm()"
In reply to: Sabrina Dubroca: "Re: [PATCH net-next v18 07/25] ovpn: implement basic TX path (UDP)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 04/02/2025 17:18, Sabrina Dubroca wrote:

2025-02-03, 10:52:41 +0100, Sabrina Dubroca wrote:

2025-01-13, 10:31:26 +0100, Antonio Quartulli wrote:

+static void ovpn_encrypt_post(struct sk_buff *skb, int ret)
+{
+ struct ovpn_peer *peer = ovpn_skb_cb(skb)->peer;
+
+ if (unlikely(ret < 0))
+ goto err;
+
+ skb_mark_not_on_list(skb);
+
+ switch (peer->sock->sock->sk->sk_protocol) {

We have a ref on the peer, but not on the ovpn_sock. DEL_PEER could
have detached the sock by the time the crypto completes.

(unfortunately I don't have any idea to fix this yet)

Maybe an idea:

Since ovpn_sock itself lives under RCU (because of sk_user_data),
peer->sock should be an RCU pointer and also follow RCU rules. For
most parts (io.c, netlink.c) the conversion is not too
problematic. TCP is more difficult.

I still need to think about whether this works, and whether this is
worth the complexity, or if we could solve this in another way.

It may actually be a reasonable solution.
And maybe it is not that complex to get done.

I'll see what I come up with.

Regards,

--
Antonio Quartulli
OpenVPN Inc.

Next message: Colin Ian King: "[PATCH][next] scsi: mpi3mr: Fix spelling mistake "skiping" -> "skipping""
Previous message: Juergen Gross: "[PATCH] x86/xen: add FRAME_END to xen_hypercall_hvm()"
In reply to: Sabrina Dubroca: "Re: [PATCH net-next v18 07/25] ovpn: implement basic TX path (UDP)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]