From: Florian Westphal <fw@strlen.de>
To: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Cc: Jozsef Kadlecsik <kadlec@netfilter.org>,
netfilter-devel@vger.kernel.org,
Pablo Neira Ayuso <pablo@netfilter.org>
Subject: Re: [PATCH 2/2] netfilter: ipset: Fix data race between add and dump in all hash types
Date: Mon, 20 Apr 2026 16:03:26 +0200 [thread overview]
Message-ID: <aeYyIjzGGupy99Fv@strlen.de> (raw)
In-Reply-To: <4e01c555-2f4c-81b7-e6c4-d1f7b3e2e99f@blackhole.kfki.hu>
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> wrote:
> limit the searching range for existing elements (which might be timed out
> as well). So until the "size" is unchanged (no growing/shrinking), the
> worst things which can happen if it's not "correct":
>
> - new element added but dump/test don't "find" it
> - element deleted but dump/test find it
>
> The critical part is when "size" changes. But "size" never updated
> directly: a completely new bucket is created when growing/shrinking and
> the new bucket is assigned via RCU mechanism.
>
> So why do you thing the helpers are required to read/update the "pos"
> element of the hash bucket? I might not see the wood for the trees.
As-is it is confusing. Pos is updated concurrently to dumpers
with no ordering and no annotations (READ_ONCE, WRITE_ONCE).
Maybe they are not required, but then there should be WRITE_ONCE()
and READ_ONCE and a comment explaining that this is deliberately racy.
Basically what you wrote above. It would help to understand what
guarantees there are and that this is good enough.
As-is KCSAN will surely splat without data race annotations.
next prev parent reply other threads:[~2026-04-20 14:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-15 8:20 [PATCH 0/2 v3] netfilter: ipset: concurrent add and dump fixes Jozsef Kadlecsik
2026-04-15 8:20 ` [PATCH 1/2] netfilter: ipset: Fix data race between add and list header in all hash types Jozsef Kadlecsik
2026-04-15 8:20 ` [PATCH 2/2] netfilter: ipset: Fix data race between add and dump " Jozsef Kadlecsik
2026-04-15 10:22 ` Florian Westphal
2026-04-15 10:33 ` Jozsef Kadlecsik
2026-04-20 13:11 ` Jozsef Kadlecsik
2026-04-20 14:03 ` Florian Westphal [this message]
-- strict thread matches above, loose matches on Subject: below --
2026-04-08 7:02 [PATCH 0/2] netfilter: ipset: concurrent add and dump fixes Jozsef Kadlecsik
2026-04-08 7:02 ` [PATCH 2/2] netfilter: ipset: Fix data race between add and dump in all hash types Jozsef Kadlecsik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aeYyIjzGGupy99Fv@strlen.de \
--to=fw@strlen.de \
--cc=kadlec@blackhole.kfki.hu \
--cc=kadlec@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.