Re: dev_kfree_skb() and skb_device_unlock()

Alan Cox (alan@lxorguk.ukuu.org.uk)
Sun, 21 Sep 1997 21:46:02 +0100 (BST)


> In v2.0.31pre9 arp.c (arp_find()), I find code snippets like:
>
> 	if (skb != NULL && !entry) {
> 		skb_device_unlock(skb);	/* else it is lost forever */
> 		dev_kfree_skb(skb, FREE_WRITE);
> 	}
>
> I always thought that "thou shalt not call dev_kfree_skb() on
> unlocked skbs", but apparently this violates that rule.
> What purpose does it serve to make sure that the buffer is unlocked?
> If it's unlocked, doesn't this mean that someone else could be starting
> to use it behind our back just as we try to free it?

I'd say this code is wrong too. I've no idea when that appeared or where
it appeared. If the buffer is unlocked then it should be calling
kfree_skb(). What is more worrying is that it introduces several races and
potential cases where a freed buffer might be sent or double freed.
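
The following is a small model, added to this page and not taken from the kernel or from either poster, of the discipline the reply states: a device-locked buffer is released with dev_kfree_skb(), which gives up the lock and frees; an unlocked buffer is released with kfree_skb(). The *_model functions, the lock-count semantics, the one-slot "device" that can grab an unlocked buffer from another context, and the outcome codes are all assumptions made for illustration; the 2.0 kernel's real functions are not reproduced here. The last two scenarios replay the arp.c sequence (unlock, then dev_kfree_skb) once with nothing else running and once with the device winning the window between the two calls.

```c
/* Model of the sk_buff device-lock rule discussed above. Illustrative code
 * written for this page; the bodies are assumptions, not kernel code. */
#include <stdio.h>
#include <stdlib.h>

enum outcome { OK = 0, DOUBLE_UNLOCK, DOUBLE_FREE, SENT_AFTER_FREE, LEAKED };
enum { FREE_WRITE = 1 };                  /* mode flag, kept for signature parity only */

struct skb {
	int lock;                         /* device lock count: > 0 while a driver owns it */
	int freed;                        /* memory "released"; shell kept so scenarios can inspect it */
};

static struct skb *alloc_skb_model(void) { return calloc(1, sizeof(struct skb)); }
static void skb_device_lock_model(struct skb *s) { s->lock++; }

static enum outcome skb_device_unlock_model(struct skb *s)
{
	if (s->lock == 0)
		return DOUBLE_UNLOCK;     /* assumed: underflow, nobody held the lock */
	s->lock--;
	return OK;
}

/* kfree_skb(): only for a buffer no device holds locked */
static enum outcome kfree_skb_model(struct skb *s)
{
	if (s->freed)
		return DOUBLE_FREE;
	s->freed = 1;
	return OK;
}

/* dev_kfree_skb(): give up the caller's device lock, free once no lock remains */
static enum outcome dev_kfree_skb_model(struct skb *s, int mode)
{
	enum outcome r = skb_device_unlock_model(s);
	(void)mode;
	if (r != OK)
		return r;
	return s->lock == 0 ? kfree_skb_model(s) : OK;
}

/* One-slot transmit queue: stands in for another context (interrupt, other
 * driver path) that takes ownership of any unlocked buffer it is handed. */
static struct skb *tx_slot;

static void device_grab(struct skb *s) { skb_device_lock_model(s); tx_slot = s; }

static enum outcome device_transmit(void)
{
	struct skb *s = tx_slot;
	tx_slot = NULL;
	if (!s)
		return OK;
	if (s->freed)
		return SENT_AFTER_FREE;   /* a real driver would DMA from freed memory here */
	return dev_kfree_skb_model(s, FREE_WRITE);
}

static enum outcome finish(struct skb *s, enum outcome r)
{
	if (r == OK && !s->freed)
		r = LEAKED;
	free(s);
	return r;
}

/* Correct: buffer is device-locked, dev_kfree_skb() unlocks and frees it. */
enum outcome scenario_locked_dev_kfree(void)
{
	struct skb *s = alloc_skb_model();
	skb_device_lock_model(s);
	return finish(s, dev_kfree_skb_model(s, FREE_WRITE));
}

/* Correct: buffer is unlocked, kfree_skb() is the right call. */
enum outcome scenario_unlocked_kfree(void)
{
	struct skb *s = alloc_skb_model();
	return finish(s, kfree_skb_model(s));
}

/* The arp.c sequence, nobody else running: the explicit unlock drops the only
 * lock, so dev_kfree_skb() underflows it and the buffer is never freed. */
enum outcome scenario_unlock_then_dev_kfree(void)
{
	struct skb *s = alloc_skb_model();
	skb_device_lock_model(s);
	skb_device_unlock_model(s);
	return finish(s, dev_kfree_skb_model(s, FREE_WRITE));
}

/* The same sequence with a device grabbing the buffer in the window between
 * unlock and free: dev_kfree_skb() consumes the device's lock and frees the
 * buffer, which the device then transmits. */
enum outcome scenario_unlock_race(void)
{
	struct skb *s = alloc_skb_model();
	skb_device_lock_model(s);
	skb_device_unlock_model(s);
	device_grab(s);                              /* other context wins the window */
	dev_kfree_skb_model(s, FREE_WRITE);          /* succeeds: it sees lock == 1 */
	return finish(s, device_transmit());
}
```

In the model the explicit unlock is harmless only if nothing can touch the buffer in between; as soon as another path is allowed to claim an unlocked skb, the later dev_kfree_skb() steals that path's lock and frees memory the device still intends to send, which is the "freed buffer might be sent" case from the reply. The cure the reply gives is to pick one call according to the buffer's actual lock state rather than unlocking first.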