lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 30 Oct 2007 01:10:36 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	paulmck@...ux.vnet.ibm.com
Cc:	linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
	SteveW@....org, dipankar@...ibm.com
Subject: Re: dn_route.c momentarily exiting RCU read-side critical section

From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Date: Mon, 29 Oct 2007 14:15:40 -0700

> net/decnet/dn_route.c in dn_rt_cache_get_next() is as follows:
> 
> static struct dn_route *dn_rt_cache_get_next(struct seq_file *seq, struct dn_route *rt)
> {
> 	struct dn_rt_cache_iter_state *s = rcu_dereference(seq->private);
> 
> 	rt = rt->u.dst.dn_next;
> 	while(!rt) {
> 		rcu_read_unlock_bh();
> 		if (--s->bucket < 0)
> 			break;
> 
> ...  But what happens if seq->private is freed up right here?
> ...  Or what prevents this from happening?
 ...
> Similar code is in rt_cache_get_next().
> 
> So, what am I missing here?

seq->private is allocated on file open (here via seq_open_private()),
and freed up on file close (via seq_release_private).

So it cannot be freed up in the middle of an iteration.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ