From patchwork Tue Mar 17 14:19:16 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 4841 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:2755:b0:83c:d90d:321 with SMTP id j21csp3607124maq; Tue, 17 Mar 2026 07:19:55 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXUaYbdLvjlFHwOXWS3BLcQhmBoPxUbj84VE1f/pH0mq1cHbJ75DERTf3pu679IMHzLQyBCy2LHnHw=@openvpn.net X-Received: by 2002:a05:6870:309:b0:40e:95b9:40e6 with SMTP id 586e51a60fabf-417b946c51fmr9351131fac.40.1773757195378; Tue, 17 Mar 2026 07:19:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1773757195; cv=none; d=google.com; s=arc-20240605; b=OWcEORkhSKncB1a1y7daAuBIUNrChSJppatZdT0XHI6U4WF5/7OB7Vdv4nVyxLdCYF m5RR8MAiEjg0sZXW1qsztP3JKEVfWUd6QmvhDzDcrf4JSRFkyxrxwm8eWtaUSiNDUhLI 3SpJnIGJWsACp3PHdhAufS9QTkS5eF94EtdHVlFl8mLO3OoTOoyFQ0zWFrk3xdS5qlo+ EXO72YCLwkzjkG0XC/4EZdLP8XRJRyWAiUAGFpbNCbyE0CDNiVRBd/rpYaEqP/KAH868 3ekaK6Z36FkoBLSKLnzRmVlijTII81+DCGEeE0DBpdQZk1jh76DXXgpV5NUPi7o3TXbl q4Aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature:dkim-signature; bh=X0Qgj5Bb8jR9a/SMLy+Zv+E0qgMiny15lmDhdt8s528=; fh=hth+o2qY+ZGDfY34eNJUiMUFQ75KstAW1r7/nxMh3oI=; b=J9mQEVV8oc7OVUEgy/D8BQkTAR4EAOl9yYNiCFLs0HNXCoddjLbdb9KmYDvZqJd166 0PAiq77M57Gfem8rhcyLRJVtun8rPfu3xa95tVoYjMQVhdrUHGW5Z0v+1s/nTqKZPw1H zcZNfmsskjKc0PeM69pKk43KN68dSPEwNUhXQTp74D/Gj5wEcrqjQ3pv+4S3y0YYkA7e aiWwjZ56ZYlI5rPRYFKR1lEu6aghffZcYkmY6bzNE21PDvSPJBFM/hnzvd0Sh/7ISEe0 wXHNZO30kXA4Z+1FiaY4/zCl0V4SiHwPw5AZOibKDDINiPihBygK93xWO+DSQGN9vqxL cloQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=bNQSx7Bg; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=RQhAUXOU; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Qqv6a366; dkim=neutral (body hash did not verify) header.i=@unstable.cc header.s=MBO0001 header.b=zC0s1rvq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-4177e28af60si11742672fac.103.2026.03.17.07.19.55 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 17 Mar 2026 07:19:55 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=bNQSx7Bg; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=RQhAUXOU; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Qqv6a366; dkim=neutral (body hash did not verify) header.i=@unstable.cc header.s=MBO0001 header.b=zC0s1rvq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:Message-ID:Date:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Owner; bh=X0Qgj5Bb8jR9a/SMLy+Zv+E0qgMiny15lmDhdt8s528=; b=bNQSx7BgH1GHJXRB4bv4cFevqp EHQq93Sn6c4QaI71Ic4yDaOjHHdgqh7O0SXpZmrSaIM40qqcSltndqKOH7Pkxrp5qncnxJ2xKj598 xYqZDtrrkXlg20XTfHc0onzAzrf4KRkUXNOWEw3prgrSPgfl0ViweumG9rEqpZ/gUkJ0=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1w2VGw-0006Zo-2M; Tue, 17 Mar 2026 14:19:50 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1w2VGu-0006Zf-3S for openvpn-devel@lists.sourceforge.net; Tue, 17 Mar 2026 14:19:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-ID: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=g8GNNA8JoAcg5vH7uOaj76wv6d6T1JhpfFJ9qopiUNs=; b=RQhAUXOUmZCgyZisfIm5+FGbU5 In+psmVVmKn2G0HGSgISmN5BPxybqAoKS71G4caIn1tCR5A0Qqdb9R53pPAdwzQcKPuFm0z3cjF4d ZPvQQDwXe72BmLLZD4dHGJDtTEBfCezyKdfFfyA7waKm8TXSKFTtRCjiZo8TcWlkvb1M=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-ID:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=g8GNNA8JoAcg5vH7uOaj76wv6d6T1JhpfFJ9qopiUNs=; b=Q qv6a3664BB0NNiPplcbIy7mgiHEKLCPpu5StaiwHQRoqFD+HhUEqz+9D1/DEdvYMdZcvS5kcIgI9b v9v/GLs11oYFLeLKvZS0fdMfD4U5Y4/WU1MYR98vbNlvWo7woMJmJ60wAZUyheGSjalI13y48SBwk hjYKfI0tFmFwQpzg=; Received: from mout-p-202.mailbox.org ([80.241.56.172]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1w2VGt-0002Qp-6s for openvpn-devel@lists.sourceforge.net; Tue, 17 Mar 2026 14:19:48 +0000 Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:b231:465::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4fZvGs4Ny9z9tnK; Tue, 17 Mar 2026 15:19:33 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unstable.cc; s=MBO0001; t=1773757173; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=g8GNNA8JoAcg5vH7uOaj76wv6d6T1JhpfFJ9qopiUNs=; b=zC0s1rvqKObI/kPhI109ho/C7vJoMyaOpvVScek4SVo6EOvmgrpbRc/WttelnqxLs58Y1z bVoD2S/h5vwlitdSz/5K73JRe62TSm91KMJuCY505PKYATNoHYNVcjLUZu+2otU2tkDbmJ x6+qObaEb/oJ2jf8XfZ0qY5bSJZWFlY3P/XOYoqSIttm9ArLphcaipzp5HVqHiIiaO584c xjt910sLmm60Z4Lb1ou4b2LqXROJWmAgjzxpIJSsd2LaYQbbS7CFZYOnLXKet3C3LH+Rej LzlnLiZldSecyKhc1YgZrgydVqZuXrv/LTZRV+a0lBA6+erNFjIF5Mg5utHGiA== Authentication-Results: outgoing_mbo_mout; dkim=none; spf=pass (outgoing_mbo_mout: domain of a@unstable.cc designates 2001:67c:2050:b231:465::2 as permitted sender) smtp.mailfrom=a@unstable.cc From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Tue, 17 Mar 2026 15:19:16 +0100 Message-ID: <20260317141916.437559-1-a@unstable.cc> MIME-Version: 1.0 X-Rspamd-Queue-Id: 4fZvGs4Ny9z9tnK X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Antonio Quartulli While deleting an existing ovpn interface, there is a very narrow window where adding a new peer via netlink may cause the netdevice to hang and prevent its unregistration. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-Headers-End: 1w2VGt-0002Qp-6s Subject: [Openvpn-devel] [PATCH ovpn net] ovpn: fix race between deleting interface and adding new peer X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Sabrina Dubroca , Antonio Quartulli , Hyunwoo Kim Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1859919225194852904?= X-GMAIL-MSGID: =?utf-8?q?1859919225194852904?= From: Antonio Quartulli While deleting an existing ovpn interface, there is a very narrow window where adding a new peer via netlink may cause the netdevice to hang and prevent its unregistration. It may happen during ovpn_dellink(), when all existing peers are freed and the device is queued for deregistration, but a CMD_PEER_NEW message comes in adding a new peer that takes again a reference to the netdev. At this point there is no way to release the device because we are under the assumption that all peers were already released. Fix the race condition by releasing all peers in ndo_uninit(), when the netdevice has already been removed from the netdev list and thus an incoming CMD_PEER_NEW cannot have any effect anymore. At this point ovpn_dellink() becomes empty and can just be removed. Reported-by: Hyunwoo Kim Closes: https://lore.kernel.org/netdev/aaVgJ16edTfQkYbx@v4bel/ Suggested-by: Sabrina Dubroca Fixes: 80747caef33d ("ovpn: introduce the ovpn_peer object") Signed-off-by: Antonio Quartulli --- drivers/net/ovpn/main.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/drivers/net/ovpn/main.c b/drivers/net/ovpn/main.c index 2e0420febda0..0eab305780c7 100644 --- a/drivers/net/ovpn/main.c +++ b/drivers/net/ovpn/main.c @@ -92,6 +92,8 @@ static void ovpn_net_uninit(struct net_device *dev) { struct ovpn_priv *ovpn = netdev_priv(dev); + cancel_delayed_work_sync(&ovpn->keepalive_work); + ovpn_peers_free(ovpn, NULL, OVPN_DEL_PEER_REASON_TEARDOWN); gro_cells_destroy(&ovpn->gro_cells); } @@ -208,15 +210,6 @@ static int ovpn_newlink(struct net_device *dev, return register_netdevice(dev); } -static void ovpn_dellink(struct net_device *dev, struct list_head *head) -{ - struct ovpn_priv *ovpn = netdev_priv(dev); - - cancel_delayed_work_sync(&ovpn->keepalive_work); - ovpn_peers_free(ovpn, NULL, OVPN_DEL_PEER_REASON_TEARDOWN); - unregister_netdevice_queue(dev, head); -} - static int ovpn_fill_info(struct sk_buff *skb, const struct net_device *dev) { struct ovpn_priv *ovpn = netdev_priv(dev); @@ -235,7 +228,6 @@ static struct rtnl_link_ops ovpn_link_ops = { .policy = ovpn_policy, .maxtype = IFLA_OVPN_MAX, .newlink = ovpn_newlink, - .dellink = ovpn_dellink, .fill_info = ovpn_fill_info, };