[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201012080923.36086.Martin@lichtvoll.de>
Date: Wed, 8 Dec 2010 09:23:25 +0100
From: Martin Steigerwald <Martin@...htvoll.de>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: Ben Hutchings <bhutchings@...arflare.com>,
David Miller <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>
Subject: Re: [PATCH] tcp: avoid a possible divide by zero
Am Dienstag 07 Dezember 2010 schrieb Eric Dumazet:
> Le mardi 07 décembre 2010 à 21:32 +0000, Ben Hutchings a écrit :
> > On Tue, 2010-12-07 at 22:28 +0100, Eric Dumazet wrote:
> > [...]
> >
> > > Thanks
> > >
> > > Great, I feel we are going to fix all sysctls, one by one then :(
Are there so many sysctls which are likely to freeze the kernel when fed
with wrong value? Once could argue for sysctls where invalid values don't
cause any serious harm, its not so important to fix it. I probably could
have next weeks training members a go at poking creative values in other
controls as well to see what happens.
> > > lkml removed from Cc
> > >
> > >
> > > [PATCH] tcp: avoid a possible divide by zero
> > >
> > > sysctl_tcp_tso_win_divisor might be set to zero while one cpu runs
> > > in tcp_tso_should_defer(). Make sure we dont allow a divide by
> > > zero by reading sysctl_tcp_tso_win_divisor once.
> > >
> > > Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
> > > ---
[...]
> > > + win_divisor = sysctl_tcp_tso_win_divisor;
> >
> > You need to use ACCESS_ONCE(sysctl_tcp_tso_win_divisor). Otherwise
> > the compiler may eliminate the local variable and read the global
> > twice.
>
> Yes, I knew that, of course :)
>
> I wonder how many bugs like that we have in sysctls
>
> Thanks
>
> [PATCH v2] tcp: avoid a possible divide by zero
>
> sysctl_tcp_tso_win_divisor might be set to zero while one cpu runs in
> tcp_tso_should_defer(). Make sure we dont allow a divide by zero by
> reading sysctl_tcp_tso_win_divisor exactly once.
>
> Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
> ---
> v2: Use ACCESS_ONCE() as Ben suggested
>
> net/ipv4/tcp_output.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index 05b1ecf..0464d70 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -1513,6 +1513,7 @@ static int tcp_tso_should_defer(struct sock *sk,
> struct sk_buff *skb) struct tcp_sock *tp = tcp_sk(sk);
> const struct inet_connection_sock *icsk = inet_csk(sk);
> u32 send_win, cong_win, limit, in_flight;
> + int win_divisor;
[...]
> - if (sysctl_tcp_tso_win_divisor) {
> + win_divisor = ACCESS_ONCE(sysctl_tcp_tso_win_divisor);
> + if (win_divisor) {
> u32 chunk = min(tp->snd_wnd, tp->snd_cwnd * tp->mss_cache);
>
> /* If at least some fraction of a window is available,
> * just use it.
> */
> - chunk /= sysctl_tcp_tso_win_divisor;
> + chunk /= win_divisor;
> if (limit >= chunk)
> goto send_now;
> } else {
So this patch helps other cases as well? Or is it, as I think just a
different approach, to fix the issue my training member brought up, by its
cause instead of or additional to limiting its range?
Want to check whether I basically understood the patch. Do you want me to
test it?
Thanks,
--
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists