| Message ID | 161046715522.2450566.488819910256264150.stgit@warthog.procyon.org.uk (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net] rxrpc: Call state should be read with READ_ONCE() under some circumstances | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | fail | Series targets non-next tree, but doesn't contain any Fixes tags |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for net |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | warning | 2 maintainers not CCed: kuba@kernel.org davem@davemloft.net |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 8 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
On Tue, 12 Jan 2021 15:59:15 +0000 David Howells wrote: > From: Baptiste Lepers <baptiste.lepers@gmail.com> > > The call state may be changed at any time by the data-ready routine in > response to received packets, so if the call state is to be read and acted > upon several times in a function, READ_ONCE() must be used unless the call > state lock is held. > > As it happens, we used READ_ONCE() to read the state a few lines above the > unmarked read in rxrpc_input_data(), so use that value rather than > re-reading it. > > Signed-off-by: Baptiste Lepers <baptiste.lepers@gmail.com> > Signed-off-by: David Howells <dhowells@redhat.com> Fixes: a158bdd3247b ("rxrpc: Fix call timeouts") maybe? > diff --git a/net/rxrpc/input.c b/net/rxrpc/input.c > index 667c44aa5a63..dc201363f2c4 100644 > --- a/net/rxrpc/input.c > +++ b/net/rxrpc/input.c > @@ -430,7 +430,7 @@ static void rxrpc_input_data(struct rxrpc_call *call, struct sk_buff *skb) > return; > } > > - if (call->state == RXRPC_CALL_SERVER_RECV_REQUEST) { > + if (state == RXRPC_CALL_SERVER_RECV_REQUEST) { > unsigned long timo = READ_ONCE(call->next_req_timo); > unsigned long now, expect_req_by; > > >
Jakub Kicinski <kuba@kernel.org> wrote: > On Tue, 12 Jan 2021 15:59:15 +0000 David Howells wrote: > > From: Baptiste Lepers <baptiste.lepers@gmail.com> > > > > The call state may be changed at any time by the data-ready routine in > > response to received packets, so if the call state is to be read and acted > > upon several times in a function, READ_ONCE() must be used unless the call > > state lock is held. > > > > As it happens, we used READ_ONCE() to read the state a few lines above the > > unmarked read in rxrpc_input_data(), so use that value rather than > > re-reading it. > > > > Signed-off-by: Baptiste Lepers <baptiste.lepers@gmail.com> > > Signed-off-by: David Howells <dhowells@redhat.com> > > Fixes: a158bdd3247b ("rxrpc: Fix call timeouts") > > maybe? Ah, yes. I missed there wasn't a Fixes line. Can you add that one in, or do I need to resubmit the patch? David
On Wed, 13 Jan 2021 08:23:54 +0000 David Howells wrote: > Jakub Kicinski <kuba@kernel.org> wrote: > > > On Tue, 12 Jan 2021 15:59:15 +0000 David Howells wrote: > > > From: Baptiste Lepers <baptiste.lepers@gmail.com> > > > > > > The call state may be changed at any time by the data-ready routine in > > > response to received packets, so if the call state is to be read and acted > > > upon several times in a function, READ_ONCE() must be used unless the call > > > state lock is held. > > > > > > As it happens, we used READ_ONCE() to read the state a few lines above the > > > unmarked read in rxrpc_input_data(), so use that value rather than > > > re-reading it. > > > > > > Signed-off-by: Baptiste Lepers <baptiste.lepers@gmail.com> > > > Signed-off-by: David Howells <dhowells@redhat.com> > > > > Fixes: a158bdd3247b ("rxrpc: Fix call timeouts") > > > > maybe? > > Ah, yes. I missed there wasn't a Fixes line. Can you add that one in, or do > I need to resubmit the patch? Sure, added, just checking if you didn't leave it out on purpose. Applied, thanks!
diff --git a/net/rxrpc/input.c b/net/rxrpc/input.c index 667c44aa5a63..dc201363f2c4 100644 --- a/net/rxrpc/input.c +++ b/net/rxrpc/input.c @@ -430,7 +430,7 @@ static void rxrpc_input_data(struct rxrpc_call *call, struct sk_buff *skb) return; } - if (call->state == RXRPC_CALL_SERVER_RECV_REQUEST) { + if (state == RXRPC_CALL_SERVER_RECV_REQUEST) { unsigned long timo = READ_ONCE(call->next_req_timo); unsigned long now, expect_req_by;