Re: data-race in nf_tables_newtable / nf_tables_newtable

From: Florian Westphal
Date: Mon Aug 22 2022 - 16:41:49 EST

Next message: kernel test robot: "[peterz-queue:perf/wip.rewrite 5/5] kernel/events/core.c:846:17: error: continue statement not within a loop"
Previous message: Kees Cook: "PKU usage improvements for threads"
In reply to: Gabriel Ryan: "Re: data-race in nf_tables_newtable / nf_tables_newtable"
Next in thread: Gabriel Ryan: "Re: data-race in nf_tables_newtable / nf_tables_newtable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Gabriel Ryan <gabe@xxxxxxxxxxxxxxx> wrote:
> Hi Florian,
>
> I just looked at the lock event trace from our report and it looks
> like two distinct commit mutexes were held when the race was
> triggered. I think the race is probably on the table_handle variable
> on net/netfilter/nf_tables_api.c:1221, and not the table->handle field
> being written to.

See

https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220821085939.571378-1-pablo@xxxxxxxxxxxxx/

which makes table_handle per netns.

Next message: kernel test robot: "[peterz-queue:perf/wip.rewrite 5/5] kernel/events/core.c:846:17: error: continue statement not within a loop"
Previous message: Kees Cook: "PKU usage improvements for threads"
In reply to: Gabriel Ryan: "Re: data-race in nf_tables_newtable / nf_tables_newtable"
Next in thread: Gabriel Ryan: "Re: data-race in nf_tables_newtable / nf_tables_newtable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]