| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120605124257.GE27795@secunet.com> Date: Tue, 5 Jun 2012 14:42:57 +0200 From: Steffen Klassert <steffen.klassert@...unet.com> To: Eric Dumazet <eric.dumazet@...il.com> Cc: David Miller <davem@...emloft.net>, netdev <netdev@...r.kernel.org> Subject: Re: [PATCH] inetpeer: fix a race in inetpeer_gc_worker() On Tue, Jun 05, 2012 at 02:19:12PM +0200, Eric Dumazet wrote: > On Tue, 2012-06-05 at 13:56 +0200, Steffen Klassert wrote: > > On Tue, Jun 05, 2012 at 11:28:27AM +0200, Eric Dumazet wrote: > > > From: Eric Dumazet <edumazet@...gle.com> > > > > > > commit 5faa5df1fa2024 (inetpeer: Invalidate the inetpeer tree along with > > > the routing cache) added a race : > > > > > > Before freeing an inetpeer, we must respect a RCU grace period, and make > > > sure no user will attempt to increase refcnt. > > > > > > > As already mentioned in the other mail. In this case, I think > > we can just delete the inetpeer once the refcount got zero. > > > > Nope, a concurrent lookup can find an entry about to be freed. Hm, I agree that we need rcu protection when we remove single entries from an inetpeer tree. But in this case we invalidate the entire tree. The first lookup after inetpeer_invalidate_tree() was invoked should find an empty tree, base->root initialized to peer_avl_empty_rcu. Maybe I'm wrong, but I don't see how a lookup should find such an old invalidated tree. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists