From: Jesper Dangaard Brouer <brouer@redhat.com>
To: "billbonaparte" <programme110@gmail.com>
Cc: <fw@strlen.de>, <linux-kernel@vger.kernel.org>,
"Pablo Neira Ayuso" <pablo@netfilter.org>,
"Patrick McHardy" <kaber@trash.net>, <kadlec@blackhole.kfki.hu>,
<davem@davemloft.net>, "Changli Gao" <xiaosuo@gmail.com>,
"Andrey Vagin" <avagin@openvz.org>,
brouer@redhat.com,
"netfilter-devel@vger.kernel.org"
<netfilter-devel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>
Subject: Re: netfilter: nf_conntrack: there maybe a bug in __nf_conntrack_confirm, when it race against get_next_corpse
Date: Thu, 6 Nov 2014 14:00:13 +0100 [thread overview]
Message-ID: <20141106140013.5110dd6e@redhat.com> (raw)
In-Reply-To: <012601cff7d1$7ce2d620$76a88260$@gmail.com>
On Tue, 4 Nov 2014 09:48:32 +0800
"billbonaparte" <programme110@gmail.com> wrote:
> (sorry to send this e-mail again, last mail is rejected by server due to
> non-acceptable content)
There is several issues with your submission. I'll take care of
resubmitting a patch in your name (so you will get credit in the git
log).
If you care to know, issues are:
1. you are not sending to the appropriate mailing lists,
2. patch is as an attachment (should be inlined),
3. the patch have style and white-space issues.
> Florian Westphal [mailto:fw@strlen.de] wrote:
> >Correct. This is broken since the central spin lock removal, since
> >nf_conntrack_lock no longer protects both get_next_corpse and
> >conntrack_confirm.
> >
> >Please send a patch, moving dying check after removal of conntrack from
> >the percpu list,
>
> Since unconfirmed conntrack is stored in unconfirmed-list which is per-cpu
> list and protected by per-cpu spin-lock, we can remove it from
> uncomfirmed-list and insert it into ct-hash-table separately. that is to
> say, we can remove it from uncomfirmed-list without holding corresponding
> hash-lock, then check if it is dying.
> if it is dying, we add it to the dying-list, then quit
> __nf_conntrack_confirm. we do this to follow the rules that the conntrack
> must alternatively at unconfirmed-list or dying-list when it is abort to be
> destroyed.
In the resubmit. I'll take a slightly more conservative approach, by
keeping the DYING check under the hash-lock, as it is currently. I
guess we could do it without holding the hash-lock, but I want to keep
the fix as simple as possible.
> >> 2. operation on ct->status should be atomic, because it race aginst
> >> get_next_corpse.
[...]
> if there is a race at operating ct->status, there will be in alternative
> case:
> 1) IPS_DYING bit which set in get_next_corpse override other bits (e.g.
> IPS_SRC_NAT_DONE_BIT), or
> 2) other bits (e.g. IPS_SRC_NAT_DONE_BIT) which set in nf_nat_setup_info
> override IPS_DYING bit.
Notice the set_bit() is atomic, so we don't have these issues (of bits
getting overridden).
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Sr. Network Kernel Developer at Red Hat
Author of http://www.iptv-analyzer.org
LinkedIn: http://www.linkedin.com/in/brouer
next prev parent reply other threads:[~2014-11-06 13:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-04 1:48 netfilter: nf_conntrack: there maybe a bug in __nf_conntrack_confirm, when it race against get_next_corpse billbonaparte
2014-11-06 13:00 ` Jesper Dangaard Brouer [this message]
2014-11-06 13:36 ` [PATCH nf] netfilter: conntrack: fix race in __nf_conntrack_confirm " Jesper Dangaard Brouer
2014-11-10 16:54 ` Pablo Neira Ayuso
2014-11-12 7:35 ` Jesper Dangaard Brouer
2014-11-12 10:57 ` Jörg Marx
2014-11-13 12:08 ` Pablo Neira Ayuso
2014-11-13 14:33 ` Jörg Marx
2014-11-14 16:40 ` Pablo Neira Ayuso
-- strict thread matches above, loose matches on Subject: below --
2014-11-07 6:47 netfilter: nf_conntrack: there maybe a bug in __nf_conntrack_confirm, when it race " Bill Bonaparte
2014-11-04 1:52 billbonaparte
[not found] <02ef01cff25f$29887f60$7c997e20$@gmail.com>
2014-10-28 3:37 ` billbonaparte
2014-10-28 9:46 ` Florian Westphal
2014-10-28 10:11 ` Jesper Dangaard Brouer
2014-10-28 3:27 billbonaparte
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141106140013.5110dd6e@redhat.com \
--to=brouer@redhat.com \
--cc=avagin@openvz.org \
--cc=davem@davemloft.net \
--cc=fw@strlen.de \
--cc=kaber@trash.net \
--cc=kadlec@blackhole.kfki.hu \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=programme110@gmail.com \
--cc=xiaosuo@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.