From: Al Viro <viro@ZenIV.linux.org.uk>
To: Marek Lindner <lindner_marek@yahoo.de>
Cc: b.a.t.m.a.n@lists.open-mesh.org
Subject: Re: [B.A.T.M.A.N.] pull request: batman-adv 2012-04-18
Date: Mon, 23 Apr 2012 07:43:24 +0100
Message-ID: <20120423064324.GZ6871@ZenIV.linux.org.uk>
In-Reply-To: <201204231318.25768.lindner_marek@yahoo.de>

On Mon, Apr 23, 2012 at 01:18:25PM +0800, Marek Lindner wrote:
> 
> Hi,
> 
> > Haven't found any, but
> > 
> > 	* you do an awful lot of GFP_ATOMIC allocations and those can and
> > do fail from time to time.  What's worse, you ignore some of those
> > failures - e.g. failing allocation in orig_hash_{add,del}_if() will be
> > ignored by the caller.  I haven't looked into that code enough to tell
> > if it could be exploited, but I really don't like the look of it...
> 
> other GFP_* allocations can't fail ?
> This whole resizing isn't especially beautiful and asks for some love.

Other GFP_* allocations fail only when system is in a really lousy state -
killing processes, etc.  GFP_ATOMIC can fail in much milder conditions;
note that they can't e.g. swap a page out or write a dirty page out and
free it, etc.  _Any_ allocation failures need to be dealt with, of course,
but with GFP_ATOMIC ones failures are just a fact of life - it's not even
an emergency situation.

> > 	* orig_node_add_if() leaves junk in added array elements.  You do
> > kmalloc() followed by memcpy(), but leave the last element uninitialized.
> > May be safe if you assign it soon enough, but I'd suggest checking that.
> 
> Replacing kmalloc() with kzalloc() should do, right ?

*shrug*
That would do it, all right, but since you memcpy() over all but the last
element, I'd suggest cleaning that last element explicitly.  Hell knows -
depends on how large your arrays are...

> > 	* orig_node_del_if() looks odd - it removes element #hard_iface->if_num
> > and shifts all subsequent ones down; then it renumbers interfaces to
> > match that.  So far, so good, and there's even a plausible comment about
> > locking:
> >    /* renumber remaining batman interfaces _inside_ of orig_hash_lock */
> > except that no such lock exists since commit d007260.  What protects us
> > from the obvious race in there?
> 
> Thanks for catching this. I agree that this is not properly protected. All 
> functions accessing orig_node->bcast_own(_sum) use orig_node->ogm_cnt_lock to 
> lock each other out. Obviously we would need a global lock for the interface 
> renumbering which will be as ugly as the current array resizing is. You don't 
> happen to have a good example of a resizable array at hand ?

Depends...  How large those arrays realistically get?  I would probably
consider allocating these guys separately and hashing them by orig_node/hwif
pair, but feasibility of that depends on how many of each do you expect to
see and how often do their numbers change...
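
The two array issues raised in this message (ignored GFP_ATOMIC failures, and the uninitialized last element after kmalloc() + memcpy()), as an added user-space C example that is not code from batman-adv or from this thread. `atomic_alloc()` stands in for `kmalloc(..., GFP_ATOMIC)`; `struct orig_state`, `SLOT_BYTES`, `alloc_budget` and `all_add_if()` are hypothetical names, and the example goes beyond the message by growing all nodes all-or-nothing, so a failure mid-loop leaves every array at its old size.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define SLOT_BYTES 16			/* constructed per-interface slot size */
struct orig_state {			/* hypothetical, not batman-adv's struct */
	unsigned char *slots;		/* num_ifs * SLOT_BYTES bytes */
	int num_ifs;
};
static int alloc_budget = 1 << 30;	/* test knob: allocations left before failure */

/* Stand-in for kmalloc(size, GFP_ATOMIC): may fail, returns junk-filled memory. */
static void *atomic_alloc(size_t size)
{
	void *p = alloc_budget > 0 ? malloc(size) : NULL;

	if (p) {
		alloc_budget--;
		memset(p, 0xA5, size);	/* junk, so "uninitialized" is visible */
	}
	return p;
}

/* Grow every node by one slot, or none of them; returns 0 or -ENOMEM (n > 0). */
static int all_add_if(struct orig_state *nodes, int n)
{
	unsigned char **fresh = calloc((size_t)n, sizeof(*fresh));
	int i, ok;

	if (!fresh)
		return -ENOMEM;
	for (i = 0; i < n; i++) {	/* phase 1: build, nothing visible yet */
		size_t old_len = (size_t)nodes[i].num_ifs * SLOT_BYTES;
		fresh[i] = atomic_alloc(old_len + SLOT_BYTES);
		if (!fresh[i])
			break;
		if (old_len)
			memcpy(fresh[i], nodes[i].slots, old_len);
		memset(fresh[i] + old_len, 0, SLOT_BYTES);	/* new last slot */
	}
	ok = (i == n);
	for (i = 0; i < n; i++) {	/* phase 2: commit all or discard all */
		free(ok ? nodes[i].slots : fresh[i]);	/* old on commit, new on abort */
		if (ok) {
			nodes[i].slots = fresh[i];
			nodes[i].num_ifs++;
		}
	}
	free(fresh);
	return ok ? 0 : -ENOMEM;
}
```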
