Re: [PATCH net 2/2] ovpn: respect peer refcount in CMD_NEW_PEER error path

Next message: Ewan Hai: "Re: [PATCH 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features"
Previous message: Gabriele Monaco: "Re: [RFC PATCH v2 02/10] rv/da: fix per-task da_monitor_destroy() ordering and sync"
In reply to: Sabrina Dubroca: "Re: [PATCH net 2/2] ovpn: respect peer refcount in CMD_NEW_PEER error path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Antonio Quartulli

Date: Wed May 13 2026 - 05:32:14 EST

On 12/05/2026 17:13, Sabrina Dubroca wrote:

2026-05-12, 05:19:13 +0100, David Carlier wrote:

diff --git a/drivers/net/ovpn/netlink.c b/drivers/net/ovpn/netlink.c
index 291e2e5bb450..4c66c1ec497e 100644
--- a/drivers/net/ovpn/netlink.c
+++ b/drivers/net/ovpn/netlink.c
@@ -462,10 +462,12 @@ int ovpn_nl_peer_new_doit(struct sk_buff *skb, struct genl_info *info)
sock_release:
ovpn_socket_release(peer);
peer_release:
- /* release right away because peer was not yet hashed, thus it is not
- * used in any context
+ /* For UDP, the peer is unreachable until added to the hashtables, so
+ * dropping the initial reference is enough. For TCP, the peer may be
+ * concurrently reachable via sk_user_data->peer until
+ * ovpn_socket_release() detaches; rely on the refcount.
*/
- ovpn_peer_release(peer);
+ ovpn_peer_put(peer);
return ret;
}

nit: after this change, ovpn_peer_release() is only used within
peer.c, and can become static.

I think it'd be nicer to do that now with a v2, but if Antonio wants
to pick this patch up directly, the fix LGTM:

Reviewed-by: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>

I think it makes sense to make it static now.

@David: how about sending v2 with this change included?

Thanks a lot!
Regards,

--
Antonio Quartulli
OpenVPN Inc.