| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 May 2015 17:36:06 +0900
From: Toshiaki Makita <makita.toshiaki@....ntt.co.jp>
To: Simon Horman <simon.horman@...ronome.com>
CC: Scott Feldman <sfeldma@...il.com>, Jiri Pirko <jiri@...nulli.us>,
David Miller <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH v3 net-next 3/4] rocker: do not make neighbour entry changes
when preparing transactions
On 2015/05/20 16:48, Simon Horman wrote:
> On Wed, May 20, 2015 at 03:15:23PM +0900, Toshiaki Makita wrote:
>> On 2015/05/20 14:48, Simon Horman wrote:
...
>>> static void _rocker_neigh_add(struct rocker *rocker,
>>> + enum switchdev_trans trans,
>>> struct rocker_neigh_tbl_entry *entry)
>>> {
>>> + if (trans == SWITCHDEV_TRANS_PREPARE)
>>> + return;
>>> entry->index = rocker->neigh_tbl_next_index++;
>>
>> Isn't index needed here? It looks to be used in later function call and
>> logging.
>
> Thanks, that does not follow the usual model of setting values
> during the PREPARE (and all other) transaction phase(s).
>
>> How about setting index like this?
>>
>> entry->index = rocker->neigh_tbl_next_index;
>> if (trans == PREPARE)
>> return;
>> rocker->neigh_tbl_next_index++;
>> ...
>
> I am concerned that _rocker_neigh_add() may be called by some other
> caller while a transaction is in process and thus entry->index will
> be inconsistent across callers.
>
> Perhaps we can convince ourselves that all the bases are covered.
> So far my testing has drawn a blank. But the logic seems difficult to
> reason about.
>
> As we are basically allocating an index I suppose what is really needed for
> a correct implementation is a transaction aware index allocator, like we
> have for memory (rocker_port_kzalloc etc...). But that does seem like
> overkill.
>
> I think that we can make entry->index consistent across
> calls in the same transaction at the expense of breaking the
> rule that per-transaction data should be set during all transaction phases.
>
> Something like this:
>
>
> if (trans != SWITCHDEV_TRANS_COMMIT)
> /* Avoid index being set to different values across calls
> * to this function by the same caller within the same
> * transaction.
> */
> entry->index = rocker->neigh_tbl_next_index++;
> if (trans == SWITCHDEV_TRANS_PREPARE)
> return;
>
>
As long as it is guraded by rtnl lock, no worries about this race? It
seems to be assumed that prepare-commit is guarded by rtnl lock,
according to commit c4f20321 ("rocker: support prepare-commit
transaction model").
But as you are concerned, it seems to be able to be called by another
caller, specifically, neigh_timer_handler() in interrupt context without
rtnl lock. IMHO, it should be fixed rather than avoiding the race here.
Thanks,
Toshiaki Makita
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists