lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 12:54:51 -0400 From: Jon Maloy <jmaloy@...hat.com> To: Paolo Abeni <pabeni@...hat.com>, Niels Dossche <dossche.niels@...il.com>, tipc-discussion@...ts.sourceforge.net Cc: netdev@...r.kernel.org, Ying Xue <ying.xue@...driver.com>, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Hoang Le <hoang.h.le@...tech.com.au> Subject: Re: [PATCH net] tipc: use a write lock for keepalive_intv instead of a read lock On 3/31/22 10:28, Paolo Abeni wrote: > On Tue, 2022-03-29 at 18:12 +0200, Niels Dossche wrote: >> Currently, n->keepalive_intv is written to while n is locked by a read >> lock instead of a write lock. This seems to me to break the atomicity >> against other readers. >> Change this to a write lock instead to solve the issue. >> >> Note: >> I am currently working on a static analyser to detect missing locks >> using type-based static analysis as my master's thesis >> in order to obtain my master's degree. >> If you would like to have more details, please let me know. >> This was a reported case. I manually verified the report by looking >> at the code, so that I do not send wrong information or patches. >> After concluding that this seems to be a true positive, I created >> this patch. I have both compile-tested this patch and runtime-tested >> this patch on x86_64. The effect on a running system could be a >> potential race condition in exceptional cases. >> This issue was found on Linux v5.17. >> >> Fixes: f5d6c3e5a359 ("tipc: fix node keep alive interval calculation") >> Signed-off-by: Niels Dossche <dossche.niels@...il.com> >> --- >> net/tipc/node.c | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/net/tipc/node.c b/net/tipc/node.c >> index 6ef95ce565bd..da867ddb93f5 100644 >> --- a/net/tipc/node.c >> +++ b/net/tipc/node.c >> @@ -806,9 +806,9 @@ static void tipc_node_timeout(struct timer_list *t) >> /* Initial node interval to value larger (10 seconds), then it will be >> * recalculated with link lowest tolerance >> */ >> - tipc_node_read_lock(n); >> + tipc_node_write_lock(n); > I agree with Hoang, this should be safe even without write lock, as > tipc_node_timeout() is the only function modifying keepalive_intv, and > such function is invoked only by a timer, so we are guaranteeded there > are no possible concurrent updates... > >> n->keepalive_intv = 10000; >> - tipc_node_read_unlock(n); >> + tipc_node_write_unlock(n); >> for (bearer_id = 0; remains && (bearer_id < MAX_BEARERS); bearer_id++) { >> tipc_node_read_lock(n); > ...otherwise we have a similar issue here: a few line below > keepalive_intv is updated via tipc_node_calculate_timer(), still under > the read lock > > Thanks! > > Paolo > Hoang's and Paolo's conclusion is correct. The patch is not needed. ///jon
Powered by blists - more mailing lists