lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 16:28:15 +0200 From: Paolo Abeni <pabeni@...hat.com> To: Niels Dossche <dossche.niels@...il.com>, tipc-discussion@...ts.sourceforge.net Cc: netdev@...r.kernel.org, Jon Maloy <jmaloy@...hat.com>, Ying Xue <ying.xue@...driver.com>, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Hoang Le <hoang.h.le@...tech.com.au> Subject: Re: [PATCH net] tipc: use a write lock for keepalive_intv instead of a read lock On Tue, 2022-03-29 at 18:12 +0200, Niels Dossche wrote: > Currently, n->keepalive_intv is written to while n is locked by a read > lock instead of a write lock. This seems to me to break the atomicity > against other readers. > Change this to a write lock instead to solve the issue. > > Note: > I am currently working on a static analyser to detect missing locks > using type-based static analysis as my master's thesis > in order to obtain my master's degree. > If you would like to have more details, please let me know. > This was a reported case. I manually verified the report by looking > at the code, so that I do not send wrong information or patches. > After concluding that this seems to be a true positive, I created > this patch. I have both compile-tested this patch and runtime-tested > this patch on x86_64. The effect on a running system could be a > potential race condition in exceptional cases. > This issue was found on Linux v5.17. > > Fixes: f5d6c3e5a359 ("tipc: fix node keep alive interval calculation") > Signed-off-by: Niels Dossche <dossche.niels@...il.com> > --- > net/tipc/node.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/net/tipc/node.c b/net/tipc/node.c > index 6ef95ce565bd..da867ddb93f5 100644 > --- a/net/tipc/node.c > +++ b/net/tipc/node.c > @@ -806,9 +806,9 @@ static void tipc_node_timeout(struct timer_list *t) > /* Initial node interval to value larger (10 seconds), then it will be > * recalculated with link lowest tolerance > */ > - tipc_node_read_lock(n); > + tipc_node_write_lock(n); I agree with Hoang, this should be safe even without write lock, as tipc_node_timeout() is the only function modifying keepalive_intv, and such function is invoked only by a timer, so we are guaranteeded there are no possible concurrent updates... > n->keepalive_intv = 10000; > - tipc_node_read_unlock(n); > + tipc_node_write_unlock(n); > for (bearer_id = 0; remains && (bearer_id < MAX_BEARERS); bearer_id++) { > tipc_node_read_lock(n); ...otherwise we have a similar issue here: a few line below keepalive_intv is updated via tipc_node_calculate_timer(), still under the read lock Thanks! Paolo
Powered by blists - more mailing lists