[PATCH] appletalk: Fix potential refcount leak

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] appletalk: Fix potential refcount leak
@ 2022-10-24 14:47 Liang He
  2022-10-24 15:36 ` Eric Dumazet
  0 siblings, 1 reply; 4+ messages in thread
From: Liang He @ 2022-10-24 14:47 UTC (permalink / raw)
  To: davem, edumazet, kuba, pabeni, netdev, windhl

In atrtr_create(), we have added a dev_hold for the new reference.
However, based on the code, if the 'rt' is not NULL and its 'dev'
is not NULL, we should use dev_put() for the replaced reference.

Signed-off-by: Liang He <windhl@126.com>
---
 net/appletalk/ddp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index a06f4d4a6f47..7e317d6448d1 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -564,6 +564,7 @@ static int atrtr_create(struct rtentry *r, struct net_device *devhint)
 	/* Fill in the routing entry */
 	rt->target  = ta->sat_addr;
 	dev_hold(devhint);
+	dev_put(rt->dev);
 	rt->dev     = devhint;
 	rt->flags   = r->rt_flags;
 	rt->gateway = ga->sat_addr;
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] appletalk: Fix potential refcount leak
  2022-10-24 14:47 [PATCH] appletalk: Fix potential refcount leak Liang He
@ 2022-10-24 15:36 ` Eric Dumazet
  2022-10-24 21:50   ` Jakub Kicinski
  0 siblings, 1 reply; 4+ messages in thread
From: Eric Dumazet @ 2022-10-24 15:36 UTC (permalink / raw)
  To: Liang He; +Cc: davem, kuba, pabeni, netdev

On Mon, Oct 24, 2022 at 8:25 AM Liang He <windhl@126.com> wrote:
>
> In atrtr_create(), we have added a dev_hold for the new reference.
> However, based on the code, if the 'rt' is not NULL and its 'dev'
> is not NULL, we should use dev_put() for the replaced reference.
>
> Signed-off-by: Liang He <windhl@126.com>
> ---
>  net/appletalk/ddp.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
> index a06f4d4a6f47..7e317d6448d1 100644
> --- a/net/appletalk/ddp.c
> +++ b/net/appletalk/ddp.c
> @@ -564,6 +564,7 @@ static int atrtr_create(struct rtentry *r, struct net_device *devhint)
>         /* Fill in the routing entry */
>         rt->target  = ta->sat_addr;
>         dev_hold(devhint);
> +       dev_put(rt->dev);
>         rt->dev     = devhint;
>         rt->flags   = r->rt_flags;
>         rt->gateway = ga->sat_addr;
>

IMO appletalk is probably completely broken.

atalk_routes_lock is not held while other threads might use rt->dev
and would not expect rt->dev to be changed under them
(atalk_route_packet() )

I would vote to remove it completely, unless someone is willing to
test any change in it.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] appletalk: Fix potential refcount leak
  2022-10-24 15:36 ` Eric Dumazet
@ 2022-10-24 21:50   ` Jakub Kicinski
  2022-10-25  7:15     ` Arnd Bergmann
  0 siblings, 1 reply; 4+ messages in thread
From: Jakub Kicinski @ 2022-10-24 21:50 UTC (permalink / raw)
  To: Eric Dumazet, Arnd Bergmann; +Cc: Liang He, davem, pabeni, netdev

On Mon, 24 Oct 2022 08:36:13 -0700 Eric Dumazet wrote:
> IMO appletalk is probably completely broken.
> 
> atalk_routes_lock is not held while other threads might use rt->dev
> and would not expect rt->dev to be changed under them
> (atalk_route_packet() )
> 
> I would vote to remove it completely, unless someone is willing to
> test any change in it.

+1 for killing all of appletalk.

Arnd, I think you suggested the removal in the past as well, or were
you just saying to remove localtalk ?

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] appletalk: Fix potential refcount leak
  2022-10-24 21:50   ` Jakub Kicinski
@ 2022-10-25  7:15     ` Arnd Bergmann
  0 siblings, 0 replies; 4+ messages in thread
From: Arnd Bergmann @ 2022-10-25  7:15 UTC (permalink / raw)
  To: Jakub Kicinski, Eric Dumazet
  Cc: Liang He, David S . Miller, Paolo Abeni, Netdev, Doug Brown

On Mon, Oct 24, 2022, at 23:50, Jakub Kicinski wrote:
> On Mon, 24 Oct 2022 08:36:13 -0700 Eric Dumazet wrote:
>> IMO appletalk is probably completely broken.
>> 
>> atalk_routes_lock is not held while other threads might use rt->dev
>> and would not expect rt->dev to be changed under them
>> (atalk_route_packet() )
>> 
>> I would vote to remove it completely, unless someone is willing to
>> test any change in it.
>
> +1 for killing all of appletalk.
>
> Arnd, I think you suggested the removal in the past as well, or were
> you just saying to remove localtalk ?

As far as I can tell, there were no objections to removing localtalk,
and definite upsides to removing the last such driver (CONFIG_COPS).
Similarly, it seems that IPDDP (IP tunneled through appletalk) can
probably go, even though it does not depend on specific hardware.

According to Doug Brown, only ethertalk is used in practice, but
there are definitely users of that. See [1] for the thread from
when this came up last.

     Arnd

[1] https://lore.kernel.org/netdev/9cac4fbd-9557-b0b8-54fa-93f0290a6fb8@schmorgal.com/

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-10-25  7:16 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-24 14:47 [PATCH] appletalk: Fix potential refcount leak Liang He
2022-10-24 15:36 ` Eric Dumazet
2022-10-24 21:50   ` Jakub Kicinski
2022-10-25  7:15     ` Arnd Bergmann

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).