proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-07-26 02:39:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #17143 from FRRouting/mergify/bp/dev/10.2/pr-17020

Browse Source 
zebra: fix heap-use-after free on ns shutdown (backport #17020)
This commit is contained in:
Donald Sharp 2024-10-16 15:23:38 -04:00 committed by GitHub
commit d8fc147d2c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
zebra/main.c
View File

@ -238,7 +238,7 @@ void zebra_finalize(struct event *dummy)
zebra_ns_notify_close(); zebra_ns_notify_close();
/* Final shutdown of ns resources */ /* Final shutdown of ns resources */
ns_walk_func(zebra_ns_final_shutdown, NULL, NULL); ns_walk_func(zebra_ns_kernel_shutdown, NULL, NULL);
zebra_rib_terminate(); zebra_rib_terminate();
zebra_router_terminate(); zebra_router_terminate();
@ -251,6 +251,8 @@ void zebra_finalize(struct event *dummy)
label_manager_terminate(); label_manager_terminate();
ns_walk_func(zebra_ns_final_shutdown, NULL, NULL);
ns_terminate(); ns_terminate();
frr_fini(); frr_fini();
exit(0); exit(0);

20
zebra/zebra_ns.c
View File

@ -175,6 +175,22 @@ int zebra_ns_early_shutdown(struct ns *ns,
return NS_WALK_CONTINUE; return NS_WALK_CONTINUE;
} }
/* During zebra shutdown, do kernel cleanup
* netlink sockets, ..
*/
int zebra_ns_kernel_shutdown(struct ns *ns, void *param_in __attribute__((unused)),
void **param_out __attribute__((unused)))
{
struct zebra_ns *zns = ns->info;
if (zns == NULL)
return NS_WALK_CONTINUE;
kernel_terminate(zns, true);
return NS_WALK_CONTINUE;
}
/* During zebra shutdown, do final cleanup /* During zebra shutdown, do final cleanup
* after all dataplane work is complete. * after all dataplane work is complete.
*/ */
@ -185,9 +201,7 @@ int zebra_ns_final_shutdown(struct ns *ns,
struct zebra_ns *zns = ns->info; struct zebra_ns *zns = ns->info;
if (zns == NULL) if (zns == NULL)
return 0; return NS_WALK_CONTINUE;
kernel_terminate(zns, true);
zebra_ns_delete(ns); zebra_ns_delete(ns);

2
zebra/zebra_ns.h
View File

@ -70,6 +70,8 @@ int zebra_ns_early_shutdown(struct ns *ns,
int zebra_ns_final_shutdown(struct ns *ns, int zebra_ns_final_shutdown(struct ns *ns,
void *param_in __attribute__((unused)), void *param_in __attribute__((unused)),
void **param_out __attribute__((unused))); void **param_out __attribute__((unused)));
int zebra_ns_kernel_shutdown(struct ns *ns, void *param_in __attribute__((unused)),
void **param_out __attribute__((unused)));
void zebra_ns_startup_continue(struct zebra_dplane_ctx *ctx); void zebra_ns_startup_continue(struct zebra_dplane_ctx *ctx);