| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 12:54:51 -0400
From: Jon Maloy <jmaloy@...hat.com>
To: Paolo Abeni <pabeni@...hat.com>,
Niels Dossche <dossche.niels@...il.com>,
tipc-discussion@...ts.sourceforge.net
Cc: netdev@...r.kernel.org, Ying Xue <ying.xue@...driver.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Hoang Le <hoang.h.le@...tech.com.au>
Subject: Re: [PATCH net] tipc: use a write lock for keepalive_intv instead of
a read lock
On 3/31/22 10:28, Paolo Abeni wrote:
> On Tue, 2022-03-29 at 18:12 +0200, Niels Dossche wrote:
>> Currently, n->keepalive_intv is written to while n is locked by a read
>> lock instead of a write lock. This seems to me to break the atomicity
>> against other readers.
>> Change this to a write lock instead to solve the issue.
>>
>> Note:
>> I am currently working on a static analyser to detect missing locks
>> using type-based static analysis as my master's thesis
>> in order to obtain my master's degree.
>> If you would like to have more details, please let me know.
>> This was a reported case. I manually verified the report by looking
>> at the code, so that I do not send wrong information or patches.
>> After concluding that this seems to be a true positive, I created
>> this patch. I have both compile-tested this patch and runtime-tested
>> this patch on x86_64. The effect on a running system could be a
>> potential race condition in exceptional cases.
>> This issue was found on Linux v5.17.
>>
>> Fixes: f5d6c3e5a359 ("tipc: fix node keep alive interval calculation")
>> Signed-off-by: Niels Dossche <dossche.niels@...il.com>
>> ---
>> net/tipc/node.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/net/tipc/node.c b/net/tipc/node.c
>> index 6ef95ce565bd..da867ddb93f5 100644
>> --- a/net/tipc/node.c
>> +++ b/net/tipc/node.c
>> @@ -806,9 +806,9 @@ static void tipc_node_timeout(struct timer_list *t)
>> /* Initial node interval to value larger (10 seconds), then it will be
>> * recalculated with link lowest tolerance
>> */
>> - tipc_node_read_lock(n);
>> + tipc_node_write_lock(n);
> I agree with Hoang, this should be safe even without write lock, as
> tipc_node_timeout() is the only function modifying keepalive_intv, and
> such function is invoked only by a timer, so we are guaranteeded there
> are no possible concurrent updates...
>
>> n->keepalive_intv = 10000;
>> - tipc_node_read_unlock(n);
>> + tipc_node_write_unlock(n);
>> for (bearer_id = 0; remains && (bearer_id < MAX_BEARERS); bearer_id++) {
>> tipc_node_read_lock(n);
> ...otherwise we have a similar issue here: a few line below
> keepalive_intv is updated via tipc_node_calculate_timer(), still under
> the read lock
>
> Thanks!
>
> Paolo
>
Hoang's and Paolo's conclusion is correct.
The patch is not needed.
///jon
Powered by blists - more mailing lists