[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <063D6719AE5E284EB5DD2968C1650D6DCFFBE8AF@AcuExch.aculab.com>
Date: Tue, 28 Mar 2017 09:33:21 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Elena Reshetova' <elena.reshetova@...el.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
"linux-hams@...r.kernel.org" <linux-hams@...r.kernel.org>,
"linux-ppp@...r.kernel.org" <linux-ppp@...r.kernel.org>,
"linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
"ganeshgr@...lsio.com" <ganeshgr@...lsio.com>,
"nbd@...nwrt.org" <nbd@...nwrt.org>,
"blogic@...nwrt.org" <blogic@...nwrt.org>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
"yishaih@...lanox.com" <yishaih@...lanox.com>,
"saeedm@...lanox.com" <saeedm@...lanox.com>,
"matanb@...lanox.com" <matanb@...lanox.com>,
"leonro@...lanox.com" <leonro@...lanox.com>,
"ajk@...nets.uni-bremen.de" <ajk@...nets.uni-bremen.de>,
"paulus@...ba.org" <paulus@...ba.org>, "j@...fi" <j@...fi>,
"kvalo@...eaurora.org" <kvalo@...eaurora.org>,
"peterz@...radead.org" <peterz@...radead.org>,
"keescook@...omium.org" <keescook@...omium.org>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
Hans Liljestrand <ishkamiel@...il.com>,
"David Windsor" <dwindsor@...il.com>
Subject: RE: [PATCH 06/16] drivers, net, mlx5: convert mlx5_cq.refcount from
atomic_t to refcount_t
From: Elena Reshetova
> Sent: 28 March 2017 09:57
>
> refcount_t type and corresponding API should be
> used instead of atomic_t when the variable is used as
> a reference counter. This allows to avoid accidental
> refcounter overflows that might lead to use-after-free
> situations.
I can't help feeling that you ought to find a scheme
that will detect extra decrements and extra increments
before the counter wraps 32 bits.
If an extra reference is requested every 100us it takes 4.8 days
for the counter to increment back to zero.
Simple tests aren't doing to find that - but it can easily happen
on a system that is running for several years.
David
Powered by blists - more mailing lists