From: Ying Xue <ying.xue@windriver.com>
To: <eric.dumazet@gmail.com>
Cc: David Miller <davem@davemloft.net>, <netdev@vger.kernel.org>,
<alexei@purestorage.com>, <joern@purestorage.com>, <ja@ssi.bg>
Subject: Re: [PATCH net-next 2/6] neigh: fix a possible leak issue of neigh entry
Date: Mon, 18 May 2015 11:24:20 +0800 [thread overview]
Message-ID: <55595B64.70702@windriver.com> (raw)
In-Reply-To: <20150515.113950.1408734283430265055.davem@davemloft.net>
On 05/15/2015 11:39 PM, David Miller wrote:
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Fri, 15 May 2015 05:12:42 -0700
>
>> On Fri, 2015-05-15 at 14:55 +0800, Ying Xue wrote:
>>> Once modifying a pending timer of a neighbour, it's insufficient to
>>> post a warning message. Instead we should not take the neighbour's
>>> reference count at the same time, otherwise, it causes an issue that
>>> the neighbour cannot be freed forever.
>>>
>>> Signed-off-by: Ying Xue <ying.xue@windriver.com>
>>> ---
>>> net/core/neighbour.c | 9 +++++----
>>> 1 file changed, 5 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/net/core/neighbour.c b/net/core/neighbour.c
>>> index 3de6542..5595db3 100644
>>> --- a/net/core/neighbour.c
>>> +++ b/net/core/neighbour.c
>>> @@ -164,10 +164,11 @@ static int neigh_forced_gc(struct neigh_table *tbl)
>>>
>>> static void neigh_add_timer(struct neighbour *n, unsigned long when)
>>> {
>>> - neigh_hold(n);
>>> - if (unlikely(mod_timer(&n->timer, when))) {
>>> - printk("NEIGH: BUG, double timer add, state is %x\n",
>>> - n->nud_state);
>>> + if (likely(!mod_timer(&n->timer, when))) {
>>> + neigh_hold(n);
>>> + } else {
>>> + pr_warn("NEIGH: BUG, double timer add, state is %x\n",
>>> + n->nud_state);
>>> dump_stack();
>>> }
>>> }
>>
>>
>> NACK
>
> Indeed, major NACK. And you've been told this change is unacceptable
> multiple times already, and you've been told exactly why as well.
>
Eric, according to your below comments for the single patch,
http://www.spinics.net/lists/netdev/msg328828.html
I supposed the reason why you rejected it was because the issue of "neigh
use-after-free" was not resolved yet. More importantly, you did not explicitly
explain why the patch was wrong although I stated the problem the patch tries to
fix is different with the one discussed in the thread:
http://www.spinics.net/lists/netdev/msg323883.html
So, regarding my understanding for your comment, the patch can be acceptable if
the issue of "neigh use-after-free" is solved.
Since then I started to investigate its root cause and created the first patch
attempting to fix it. This is why I involve the patch into the series again.
If the issue of "neigh use-after-free" is fixed by the first patch although you
said the atomic_read() was not safe for us, is the patch still wrong? If it's
really wrong, can you please give more detailed explanation to help me
understand why the change is wrong and but why a similar timer usage in
sk_reset_timer() is not wrong?
Thanks,
Ying
next prev parent reply other threads:[~2015-05-18 3:24 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-15 6:55 [PATCH net-next 0/6] neigh cleanups and fixes Ying Xue
2015-05-15 6:55 ` [PATCH net-next 1/6] net: fix a double free issue for neighbour entry Ying Xue
2015-05-15 6:55 ` [PATCH net-next 2/6] neigh: fix a possible leak issue of neigh entry Ying Xue
2015-05-15 12:12 ` Eric Dumazet
2015-05-15 15:39 ` David Miller
2015-05-18 3:24 ` Ying Xue [this message]
2015-05-18 4:58 ` Eric Dumazet
2015-05-18 5:55 ` Ying Xue
2015-05-18 12:54 ` Eric Dumazet
2015-05-15 6:55 ` [PATCH net-next 3/6] neigh: don't delete neighbour time in neigh_destroy Ying Xue
2015-05-15 6:55 ` [PATCH net-next 4/6] neigh: align the usage of neigh timer with one of sock timer Ying Xue
2015-05-15 6:55 ` [PATCH net-next 5/6] neigh: neigh dead and timer variables should be protected under its lock Ying Xue
2015-05-15 6:55 ` [PATCH net-next 6/6] neigh: use standard interface to modify timer Ying Xue
2015-05-15 12:14 ` [PATCH net-next 0/6] neigh cleanups and fixes Eric Dumazet
2015-05-15 15:40 ` David Miller
2015-05-18 3:30 ` Ying Xue
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55595B64.70702@windriver.com \
--to=ying.xue@windriver.com \
--cc=alexei@purestorage.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=ja@ssi.bg \
--cc=joern@purestorage.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).