Re: [net-next rfc V3 1/9] macvtap: fix a possible race between queueselection and changing queues
From: Michael S. Tsirkin
Date: Wed Jun 05 2013 - 06:35:04 EST
On Wed, Jun 05, 2013 at 02:36:24PM +0800, Jason Wang wrote:
> Complier may generate codes that re-read the vlan->numvtaps during
> macvtap_get_queue(). This may lead a race if vlan->numvtaps were changed in the
> same time and which can lead unexpected result (e.g. very huge value).
>
> We need prevent the compiler from generating such codes by adding an
> ACCESS_ONCE() to make sure vlan->numvtaps were only read once.
>
> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx>
I would add that this is a theoretical issue, so no need
for stable.
Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
> ---
> drivers/net/macvtap.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c
> index 68efb91..5e485e3 100644
> --- a/drivers/net/macvtap.c
> +++ b/drivers/net/macvtap.c
> @@ -172,7 +172,7 @@ static struct macvtap_queue *macvtap_get_queue(struct net_device *dev,
> {
> struct macvlan_dev *vlan = netdev_priv(dev);
> struct macvtap_queue *tap = NULL;
> - int numvtaps = vlan->numvtaps;
> + int numvtaps = ACCESS_ONCE(vlan->numvtaps);
> __u32 rxq;
>
> if (!numvtaps)
> --
> 1.7.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/