lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 15 Jan 2010 06:59:25 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	paulmck@...ux.vnet.ibm.com
CC:	dim@...nvz.org, netdev@...r.kernel.org
Subject: Re: What protects rcu_dereference() in __sk_free()?

Le 14/01/2010 19:41, Paul E. McKenney a écrit :
> Hello, Dmitry,
> 
> Could you please tell me what protects the rcu_dereference() in
> __sk_free()?  I am adding lockdep-based checking to RCU, and
> "git blame" said I should ask you about this one.
> 
> The current code, rcu_dereference(), assumes that this is protected only
> by RCU-bh.  My problem might be any of the following:
> 
> o	Some other flavor of RCU protects this, e.g., RCU-sched, which
> 	would require rcu_dereference_sched() in place of my current
> 	rcu_dereference_bh() for RCU-bh.
> 
> o	This is called from updates as well as from readers, and
> 	some lock protects the updates.
> 
> o	This is called during initialization, when this pointer is
> 	inaccessible to readers.
> 	
> Please note that I can add a check to cover multiple possibilities.
> For a real example in include/linux/fdtable.h:
> 
> 	file = rcu_dereference_check(fdt->fd[fd],
> 				     rcu_read_lock_held() ||
> 				     lockdep_is_held(&files->file_lock) ||
> 				     atomic_read(&files->count) == 1);
> 
> The first argument is the pointer, and the second argument says that
> this may be protected by either RCU (as opposed to RCU-bh, RCU-sched,
> or SRCU), the files->file_lock as recorded by lockdep, or by being in
> a single-threaded process as noted by the value of files->count.
> (Please see http://lwn.net/Articles/368683/ for a recent patch, another
> will go out soon.)
> 
> So, could you please tell me what protects the rcu_dereference() in
> __sk_free() so that I can craft the appropriate form of rcu_dereference()?
> 

Hi Paul

filter = rcu_dereference(sk->sk_filter);

is probably not really needed, current thread being the one doing socket destruction,
and has a writer role.

void sk_free(struct sock *sk)
{
	if (atomic_dec_and_test(&sk->sk_wmem_alloc))
		__sk_free(sk);
}

So the protection comes from the atomic_dec_and_test() that acts as a lock.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ