lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87a9c5jx1y.fsf@x220.int.ebiederm.org>
Date:	Tue, 01 Apr 2014 01:03:53 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	David Miller <davem@...emloft.net>
Cc:	bjorn@...k.no, eric.dumazet@...il.com, ben@...adent.org.uk,
	stephen@...workplumber.org, netdev@...r.kernel.org,
	xiyou.wangcong@...il.com, mpm@...enic.com, satyam.sharma@...il.com,
	David.Laight@...LAB.COM
Subject: Re: [PATCH 1/3] net: Add a test to see if a skb is freeable in irq context

David Miller <davem@...emloft.net> writes:

> From: ebiederm@...ssion.com (Eric W. Biederman)
> Date: Thu, 27 Mar 2014 18:15:47 -0700
>
>> Currently netpoll and skb_release_head_state assume that a skb is
>> freeable in hard irq context except when skb->destructor is set.
>> 
>> The reality is far from this.  So add a function skb_irq_freeable to
>> compute the full test and in the process be the living documentation of
>> what the requirements are of actually freeing a skb in hard irq context.
>> 
>> Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com>
>  ...
>> +	return !skb->destructor &&
>> +#if IS_ENABLED(CONFIG_XFRM)
>> +		!skb->sp &&
>> +#endif
>> +#if IS_ENABLED(CONFIG_NF_CONNTRACK)
>> +		!skb->nfct &&
>> +#endif
>> +		!skb->_skb_refdst &&
>> +		!skb_has_frag_list(skb);
>
> I think you need to add "!skb->nf_bridge &&" to this test.

Given that the definition of nf_bridge_put is just:

static inline void nf_bridge_put(struct nf_bridge_info *nf_bridge)
{
	if (nf_bridge && atomic_dec_and_test(&nf_bridge->use))
		kfree(nf_bridge);
}

I don't see why.

atomic_dec_and_test and kfree are hard irq safe.

I can see the code evolving in a way where it wouldn't be safe to put a
nf_bridge from hard irq context but the code as it is today is trivially
safe.

Eric

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ