| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0627950da21443c2b422d9861e81bf3a@huawei.com>
Date: Sat, 15 Aug 2020 02:02:18 +0000
From: linmiaohe <linmiaohe@...wei.com>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
CC: David Miller <davem@...emloft.net>,
Alexey Kuznetsov <kuznet@....inr.ac.ru>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
"Jakub Kicinski" <kuba@...nel.org>,
Network Development <netdev@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] net: correct zerocopy refcnt with newly allocated UDP or
RAW uarg
Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote:
>On Fri, Aug 14, 2020 at 10:17 AM linmiaohe <linmiaohe@...wei.com> wrote:
>>
>
>I don't think that can happen.
>
>The question is when this branch is false
>
> next = (u32)atomic_read(&sk->sk_zckey);
> if ((u32)(uarg->id + uarg->len) == next) {
>
>I cannot come up with a case. I think it might be vestigial. The goal is to ensure to append only a consecutive range of notification IDs.
>Each notification ID corresponds to a sendmsg invocation with MSG_ZEROCOPY. In both TCP and UDP with corking, data is ordered and access to changes to these fields happen together as a transaction:
>
> /* realloc only when socket is locked (TCP, UDP cork),
> * so uarg->len and sk_zckey access is serialized
> */
So what I concerned is just a theoretically problems. If we can always guarantee sock_zerocopy_realloc only returns the existing uarg or NULL when on skb_zcopy(skb),
bad things won't happen.
Many thanks for your detailed explaination.
Powered by blists - more mailing lists