lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Oct 2023 17:15:15 +0200
From: Wenjia Zhang <wenjia@...ux.ibm.com>
To: "D. Wythe" <alibuda@...ux.alibaba.com>, kgraul@...ux.ibm.com,
        jaka@...ux.ibm.com, wintera@...ux.ibm.com
Cc: kuba@...nel.org, davem@...emloft.net, netdev@...r.kernel.org,
        linux-s390@...r.kernel.org, linux-rdma@...r.kernel.org
Subject: Re: [PATCH net 3/5] net/smc: allow cdc msg send rather than drop it
 with NULL sndbuf_desc



On 12.10.23 04:49, D. Wythe wrote:
> 
> 
> On 10/12/23 4:37 AM, Wenjia Zhang wrote:
>>
>>
>> On 11.10.23 09:33, D. Wythe wrote:
>>> From: "D. Wythe" <alibuda@...ux.alibaba.com>
>>>
>>> This patch re-fix the issues memtianed by commit 22a825c541d7
>>> ("net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()").
>>>
>>> Blocking sending message do solve the issues though, but it also
>>> prevents the peer to receive the final message. Besides, in logic,
>>> whether the sndbuf_desc is NULL or not have no impact on the processing
>>> of cdc message sending.
>>>
>> Agree.
>>
>>> Hence that, this patch allow the cdc message sending but to check the
>>> sndbuf_desc with care in smc_cdc_tx_handler().
>>>
>>> Fixes: 22a825c541d7 ("net/smc: fix NULL sndbuf_desc in 
>>> smc_cdc_tx_handler()")
>>> Signed-off-by: D. Wythe <alibuda@...ux.alibaba.com>
>>> ---
>>>   net/smc/smc_cdc.c | 9 ++++-----
>>>   1 file changed, 4 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/net/smc/smc_cdc.c b/net/smc/smc_cdc.c
>>> index 01bdb79..3c06625 100644
>>> --- a/net/smc/smc_cdc.c
>>> +++ b/net/smc/smc_cdc.c
>>> @@ -28,13 +28,15 @@ static void smc_cdc_tx_handler(struct 
>>> smc_wr_tx_pend_priv *pnd_snd,
>>>   {
>>>       struct smc_cdc_tx_pend *cdcpend = (struct smc_cdc_tx_pend 
>>> *)pnd_snd;
>>>       struct smc_connection *conn = cdcpend->conn;
>>> +    struct smc_buf_desc *sndbuf_desc;
>>>       struct smc_sock *smc;
>>>       int diff;
>>>   +    sndbuf_desc = conn->sndbuf_desc;
>>>       smc = container_of(conn, struct smc_sock, conn);
>>>       bh_lock_sock(&smc->sk);
>>> -    if (!wc_status) {
>>> -        diff = smc_curs_diff(cdcpend->conn->sndbuf_desc->len,
>>> +    if (!wc_status && sndbuf_desc) {
>>> +        diff = smc_curs_diff(sndbuf_desc->len,
>> How could this guarantee that the sndbuf_desc would not be NULL?
>>
> 
> It can not guarantee he sndbuf_desc would not be NULL, but it will prevents
> the smc_cdc_tx_handler() to access a NULL sndbuf_desc. So that we
> can avoid the panic descried in commit 22a825c541d7
> ("net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()").
> 
got it, thanks!

Reviewed-by: Wenjia Zhang <wenjia@...ux.ibm.com>

>>> &cdcpend->conn->tx_curs_fin,
>>>                        &cdcpend->cursor);
>>>           /* sndbuf_space is decreased in smc_sendmsg */
>>> @@ -114,9 +116,6 @@ int smc_cdc_msg_send(struct smc_connection *conn,
>>>       union smc_host_cursor cfed;
>>>       int rc;
>>>   -    if (unlikely(!READ_ONCE(conn->sndbuf_desc)))
>>> -        return -ENOBUFS;
>>> -
>>>       smc_cdc_add_pending_send(conn, pend);
>>>         conn->tx_cdc_seq++;
> 

Powered by blists - more mailing lists