| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 05 Mar 2014 20:59:38 -0500 (EST) From: David Miller <davem@...emloft.net> To: eric.dumazet@...il.com Cc: lars.persson@...s.com, netdev@...r.kernel.org Subject: Re: [PATCH] tcp: tcp_release_cb() should release socket ownership From: Eric Dumazet <eric.dumazet@...il.com> Date: Tue, 04 Mar 2014 14:39:12 -0800 > @@ -767,6 +767,17 @@ void tcp_release_cb(struct sock *sk) > if (flags & (1UL << TCP_TSQ_DEFERRED)) > tcp_tsq_handler(sk); > > + /* Here begins the tricky part : > + * We are called from release_sock() with : > + * 1) BH disabled > + * 2) sk_lock.slock spinlock held > + * 3) socket owned by us (sk->sk_lock.owned == 1) > + * > + * But following code is meant to be called from BH handlers, > + * so we should keep BH disabled, but early release socket ownership > + */ > + sock_release_ownership(sk); > + It really means that sk_lock.owned cannot ever be accessed without the sk_lock spinlock held. Most of this is easy to hand audit, except sock_owned_by_user() which has call sites everywhere. Consider adding a locking assertion to it. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists