lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Sep 2014 07:54:50 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Martin Kelly <martin@...tingkelly.com> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org, Paul McKenney <paulmck@...ux.vnet.ibm.com>, Stephen Hemminger <stephen@...workplumber.org> Subject: Re: Question about synchronize_net() in AF_PACKET close() On Wed, 2014-09-17 at 07:29 -0700, Martin Kelly wrote: > On 09/10/2014 02:37 PM, Martin Kelly wrote: > >> The synchronize_net() is also there to protect against the prot hook > >> which can run asynchronously from the core packet input path on any > >> cpu. > >> > > > > Yes, understood. What I'm not clear about is whether it is safe to do > > the following: > > > > unregister_prot_hook(sk, false); > > sock_orphan(sk); > > sock->sk = NULL; > > call_rcu(...); Can you describe the ... ? > > close socket, return to userspace > > > > instead of > > > > unregister_prot_hook(sk, false); > > synchronize_net(); > > sock_orphan(sk); > > sock->sk = NULL; > > close socket, return to userspace > > > > If you don't call synchronize_net() immediately, then other readers > > could see the protocol hook in the protocol list and try to use it. > > They could call into prot_hook.func. However, it appears that such > > functions ( e.g. packet_rcv() ) touch the socket buffer but not the > > socket itself, so orphaning the socket before all RCUs have been > > processed is safe. In addition, no new packets will come in after > > packet_release() and touch the socket because the socket fd will be > > removed from the process fd list. > > > > From my testing, I'm not seeing any obvious issues, but I could be > > missing something. Is orphaning the socket before all RCUs have > > finished unsafe? > > > > (friendly ping) What problem do you want to solve exactly ? I believe its not safe, you missed sk_data_ready() call (sock_def_readable()) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists