Re: [RFC] net: fix data race on sk_buff after re-cloning

From: Eric Dumazet
Date: Thu Sep 17 2015 - 15:03:23 EST

Next message: Stephen Boyd: "[PATCH v2 3/3] FIRMWARE: bcm47xx_nvram: Use __ioread32_copy() instead of open-coding"
Previous message: Konrad Rzeszutek Wilk: "Re: [RFC PATCH] dma/swiotlb: Add helper for device driver to opt-out from swiotlb."
In reply to: Dmitry Vyukov: "[RFC] net: fix data race on sk_buff after re-cloning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2015-09-17 at 20:44 +0200, Dmitry Vyukov wrote:
> KernelThreadSanitizer (KTSAN) reported the following race (on 4.2 rc2):
>
> ThreadSanitizer: data-race in __copy_skb_header
...

> if (likely(atomic_read(&skb->users) == 1))
> smp_rmb();
>
> The patch contains a proposed fix.
> If it looks good to you and the scenario looks sane,
> then I will update the description and resend it.
> ---
> net/core/skbuff.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)

I have to double check this patch, but in the case it is needed,
it would be better to not use fancy new atomic_read_acquire(),
as backporting the fix up to 3.19 (where the bug was probably added)
will require extra hassle.

atomic_read_acquire() would be fine for cleanups and new code, in next
branch.

Thanks !

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen Boyd: "[PATCH v2 3/3] FIRMWARE: bcm47xx_nvram: Use __ioread32_copy() instead of open-coding"
Previous message: Konrad Rzeszutek Wilk: "Re: [RFC PATCH] dma/swiotlb: Add helper for device driver to opt-out from swiotlb."
In reply to: Dmitry Vyukov: "[RFC] net: fix data race on sk_buff after re-cloning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]