From c244aadc74a2558bb777d1f81f79a0a5f90f13fe Mon Sep 17 00:00:00 2001 From: Stefan Bader Date: Mon, 1 Oct 2012 11:08:26 +0200 Subject: [PATCH] UBUNTU: net/ipv4: Do not create routes with daddr=saddr=0 When ip_route_connect() finds daddr or saddr not set, it will make a call to __ip_route_output_key() which will fill in some values into flow. A testcase which would first unshare the network (create its own net namespace) and then trying to connect to an unused local port (via lo) showed that in that case lo will still have a refcount of 2 and the namespace cannot be cleaned up. Looking into the details it is the call to __mkroute_output() together with the result being added to the cache which holds those 2 references. This raises many questions: - why is __mkroute_output called with orig_daddr and orig_saddr (which both are still 0)? - is creating the route key necessary in cases where saddr or daddr (or both) are 0? - the route_put() in ip_route_connect() will not clean up the key because DST_NOCACHE is not set. What should clean up the element? Since I do not have any background information here, I tried a practical approach. In the special case I am looking at, both saddr and daddr where 0 (but maybe the test should be an or as the test that triggers the first call to __ip_route_output_key()), so I skip the creation of a route element and return NULL. With the testcase this seems to suceed in preventing the dangling references and I have not yet seen any bad effect of it. But I am well aware that it is quite a hack. Signed-off-by: Stefan Bader --- net/ipv4/route.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 7f9983f..032004f 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2823,6 +2823,11 @@ static struct rtable *ip_route_output_slow(struct net *net, struct flowi4 *fl4) make_route: + if (!orig_daddr && !orig_saddr) { + rth = NULL; + goto out; + } + rth = __mkroute_output(&res, fl4, orig_daddr, orig_saddr, orig_oif, tos, dev_out, flags); if (!IS_ERR(rth)) { -- 1.7.9.5