lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Mar 2017 13:31:47 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: gfree.wind@...mail.com Cc: davem@...emloft.net, netdev@...r.kernel.org, Gao Feng <fgao@...ai8.com> Subject: Re: [PATCH net-next 1/1] tcp: sysctl: Fix a race to avoid unexpected 0 window from space On Fri, 24 Mar 2017 07:05:12 +0800 gfree.wind@...mail.com wrote: > From: Gao Feng <fgao@...ai8.com> > > Because sysctl_tcp_adv_win_scale could be changed any time, so there > is one race in tcp_win_from_space. > For example, > 1.sysctl_tcp_adv_win_scale<=0 (sysctl_tcp_adv_win_scale is negative now) > 2.space>>(-sysctl_tcp_adv_win_scale) (sysctl_tcp_adv_win_scale is postive now) > > As a result, tcp_win_from_space returns 0. It is unexpected. > > Certainly if the compiler put the sysctl_tcp_adv_win_scale into one > register firstly, then use the register directly, it would be ok. > But we could not depend on the compiler behavior. > > Signed-off-by: Gao Feng <fgao@...ai8.com> > --- > include/net/tcp.h | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/include/net/tcp.h b/include/net/tcp.h > index 6ec4ea6..119b592 100644 > --- a/include/net/tcp.h > +++ b/include/net/tcp.h > @@ -1252,9 +1252,11 @@ void tcp_select_initial_window(int __space, __u32 mss, __u32 *rcv_wnd, > > static inline int tcp_win_from_space(int space) > { > - return sysctl_tcp_adv_win_scale<=0 ? > - (space>>(-sysctl_tcp_adv_win_scale)) : > - space - (space>>sysctl_tcp_adv_win_scale); > + int tcp_adv_win_scale = sysctl_tcp_adv_win_scale; > + > + return tcp_adv_win_scale <= 0 ? > + (space>>(-tcp_adv_win_scale)) : > + space - (space>>tcp_adv_win_scale); > } > > /* Note: caller must be prepared to deal with negative returns */ You need to use READ_ONCE() to be safe. The compiler is free to optimized the code back to the original unless READ_ONCE() is used.
Powered by blists - more mailing lists