From: David Woodhouse <dwmw2@infradead.org>
To: "Chas Williams (CONTRACTOR)" <chas@cmf.nrl.navy.mil>
Cc: Krzysztof Mazur <krzysiek@podlesie.net>,
David Laight <David.Laight@ACULAB.COM>,
davem@davemloft.net, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, nathan@traverse.com.au
Subject: Re: [PATCH v2 3/3] pppoatm: protect against freeing of vcc
Date: Fri, 30 Nov 2012 08:25:22 +0000 [thread overview]
Message-ID: <1354263922.21562.270.camel@shinybook.infradead.org> (raw)
In-Reply-To: <1354240620.21562.256.camel@shinybook.infradead.org>
[-- Attachment #1: Type: text/plain, Size: 2212 bytes --]
On Fri, 2012-11-30 at 01:57 +0000, David Woodhouse wrote:
> I think it's actually fixed for pppoatm by the bh_lock_sock() and the
> sock_owned_by_user() check. As soon as vcc_release() calls lock_sock(),
> pppoatm stops accepting packets.
>
> It should be simple enough to do the same in br2684.
Um... but now I come to look at it... Krzysztof, doesn't your 'pppoatm:
take ATM socket lock in pppoatm_send()' patch actually *break* the case
of sending via vcc_sendmsg()?
Why did you include the sock_owned_by_user() check in there and not just
use bh_lock_sock()?
With the sock_owned_by_user() check, it'll *always* drop packets
submitted through vcc_sendmsg(), won't it?
Admittedly, for PPPoATM and BR2684 we never do want to have packets
submitted directly from userspace that way; they should all come via the
PPP channel or the netdev respectively. So we might want to keep the
sock_owned_by_user() check because it fixes the close race, and
explicitly document it.
But it doesn't necessarily work for other protocols, so we may need a
better solution for the general case. Perhaps drop the
sock_owned_by_user() check, and put bh_lock_sock() around the beginning
of vcc_destroy_socket() where it clears ATM_VF_READY? That'll ensure
that no ->push() is *currently* operating on a skb having seen that the
VCC is still open.
Or maybe we just make the *devices* check the ATM_VF_CLOSE flag and
refuse to send the skb? Put the entire thing into their domain. Although
that may involve extra locking in the driver to synchronise send() and
close() sufficiently.
I'm still reluctant to swap the order of the device/protocol close in
vcc_destroy_socket(). I think that'll just swap one set of problems
which is now fairly well-understood and mostly solved, for another set.
In particular, I think the device needs to see the close first, because
*it* can actually abort or flush any pending TX and RX (including
synchronising with its tasklet as solos-pci does, etc.). Only then does
the protocol tear its data structures down. But I suppose the new set of
problems could be found and overcome, if Chas wants to propose an
alternative patch set...
--
dwmw2
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 6171 bytes --]
next prev parent reply other threads:[~2012-11-30 8:25 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-22 17:14 [PATCH v2 1/3] pppoatm: don't send frames to destroyed vcc Krzysztof Mazur
2012-10-22 17:14 ` [PATCH v2 2/3] pppoatm: fix race condition with destroying of vcc Krzysztof Mazur
2012-10-30 9:37 ` David Woodhouse
2012-10-30 19:07 ` Krzysztof Mazur
2012-10-30 19:52 ` Krzysztof Mazur
2012-10-31 10:16 ` David Woodhouse
2012-10-31 11:30 ` Krzysztof Mazur
2012-10-31 11:52 ` David Woodhouse
2012-10-30 14:26 ` Chas Williams (CONTRACTOR)
2012-10-30 18:20 ` Krzysztof Mazur
2012-10-31 9:41 ` Krzysztof Mazur
2012-10-31 10:22 ` Krzysztof Mazur
2012-10-31 20:03 ` chas williams - CONTRACTOR
2012-10-31 22:04 ` Krzysztof Mazur
2012-11-01 14:26 ` chas williams - CONTRACTOR
2012-11-02 9:40 ` Krzysztof Mazur
2012-11-02 10:54 ` Krzysztof Mazur
2012-10-22 17:14 ` [PATCH v2 3/3] pppoatm: protect against freeing " Krzysztof Mazur
2012-10-30 9:39 ` David Woodhouse
2012-10-30 19:26 ` Krzysztof Mazur
2012-11-27 17:16 ` David Woodhouse
2012-11-27 17:39 ` Krzysztof Mazur
2012-11-27 18:02 ` David Woodhouse
2012-11-27 18:28 ` Krzysztof Mazur
2012-11-28 20:18 ` Krzysztof Mazur
2012-11-28 20:44 ` David Woodhouse
2012-11-28 21:24 ` Krzysztof Mazur
2012-11-28 21:20 ` chas williams - CONTRACTOR
2012-11-28 21:45 ` [PATCH] atm: introduce vcc_pop() Krzysztof Mazur
2012-11-28 21:59 ` chas williams - CONTRACTOR
2012-11-28 22:10 ` Krzysztof Mazur
2012-11-28 22:33 ` [PATCH] atm: introduce vcc_pop_skb() Krzysztof Mazur
2012-12-03 13:22 ` David Woodhouse
2012-12-03 20:11 ` Krzysztof Mazur
2012-11-27 18:39 ` [PATCH v2 3/3] pppoatm: protect against freeing of vcc Krzysztof Mazur
2012-11-27 18:54 ` chas williams - CONTRACTOR
2012-11-27 22:36 ` [PATCH] solos-pci: Wait for pending TX to complete when releasing vcc David Woodhouse
2012-11-27 23:28 ` [PATCH] br2684: don't send frames on not-ready vcc David Woodhouse
2012-11-27 23:51 ` Krzysztof Mazur
2012-11-28 0:54 ` David Woodhouse
2012-11-28 8:08 ` Krzysztof Mazur
2012-11-28 9:58 ` David Woodhouse
2012-11-28 16:41 ` David Miller
2012-11-28 17:01 ` David Woodhouse
2012-11-28 17:04 ` David Miller
2012-11-28 17:09 ` David Woodhouse
2012-11-28 17:11 ` David Miller
2012-11-30 1:18 ` Nathan Williams
2012-11-30 1:34 ` David Woodhouse
2012-11-28 9:21 ` [PATCH v2 3/3] pppoatm: protect against freeing of vcc David Laight
2012-11-28 10:04 ` Krzysztof Mazur
2012-11-28 10:24 ` David Woodhouse
2012-11-28 15:18 ` chas williams - CONTRACTOR
2012-11-28 22:18 ` David Woodhouse
2012-11-29 10:57 ` Krzysztof Mazur
2012-11-29 11:55 ` David Woodhouse
2012-11-29 12:43 ` [PATCH] solos-pci: don't call vcc->pop() after pclose() Krzysztof Mazur
2012-11-29 12:57 ` David Woodhouse
2012-11-29 13:20 ` Krzysztof Mazur
2012-11-29 14:42 ` David Woodhouse
2012-11-29 14:55 ` Krzysztof Mazur
2012-11-29 14:41 ` chas williams - CONTRACTOR
2012-11-29 14:29 ` [PATCH v2 3/3] pppoatm: protect against freeing of vcc chas williams - CONTRACTOR
2012-11-29 15:09 ` Krzysztof Mazur
2012-11-29 15:47 ` David Woodhouse
2012-11-29 15:59 ` chas williams - CONTRACTOR
2012-11-29 16:24 ` David Woodhouse
2012-11-29 17:17 ` chas williams - CONTRACTOR
2012-11-29 18:11 ` David Woodhouse
2012-11-29 18:29 ` chas williams - CONTRACTOR
2012-11-29 22:17 ` David Woodhouse
2012-11-30 1:38 ` Chas Williams (CONTRACTOR)
2012-11-30 1:57 ` David Woodhouse
2012-11-30 8:25 ` David Woodhouse [this message]
2012-11-30 9:53 ` Krzysztof Mazur
2012-11-30 12:10 ` David Woodhouse
2012-11-30 16:23 ` David Woodhouse
2012-11-30 17:00 ` Krzysztof Mazur
2012-11-30 18:33 ` David Woodhouse
2012-11-30 17:12 ` chas williams - CONTRACTOR
2012-11-30 17:39 ` Krzysztof Mazur
2012-11-29 16:28 ` Krzysztof Mazur
2012-11-29 15:37 ` chas williams - CONTRACTOR
2012-11-29 15:59 ` David Woodhouse
2012-11-29 16:11 ` chas williams - CONTRACTOR
2012-10-23 6:52 ` [PATCH v2 1/3] pppoatm: don't send frames to destroyed vcc David Miller
2012-10-23 8:12 ` David Woodhouse
2012-10-30 9:35 ` David Woodhouse
2012-10-30 20:19 ` Krzysztof Mazur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1354263922.21562.270.camel@shinybook.infradead.org \
--to=dwmw2@infradead.org \
--cc=David.Laight@ACULAB.COM \
--cc=chas@cmf.nrl.navy.mil \
--cc=davem@davemloft.net \
--cc=krzysiek@podlesie.net \
--cc=linux-kernel@vger.kernel.org \
--cc=nathan@traverse.com.au \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).