Re: use-after-free in sock_wake_async

From: Rainer Weikusat
Date: Wed Nov 25 2015 - 15:58:29 EST


Eric Dumazet <eric.dumazet@xxxxxxxxx> writes:
> On Wed, 2015-11-25 at 11:50 -0800, Eric Dumazet wrote:
>
>> > other->sk_data_ready(other);
>> > + unix_state_unlock(other);
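Review bot: the added unix_state_unlock(other) sits after the other->sk_data_ready(other) call, so the reader woken by that callback can immediately contend on the lock this path still holds; if 'other' is guaranteed to stay alive across the wakeup, move the unlock above the sk_data_ready() call. The fragment also does not show the matching unix_state_lock(other), so the full hunk should make clear which lock this unlock pairs with.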
>
>
> Also, problem with such construct is that we wakeup a thread that will
> block on the lock we hold.
>
> Beauty of sk_data_ready() is to call it once we hold no lock any more,
> to enable another cpu to immediately proceed.
>
> In this case, 'other' can not disappear, so it should be safe.

I do agree that keeping the ->sk_data_ready outside of the lock will
very likely have performance advantages. That's just something I
wouldn't have undertaken because I'd be reluctant to make a fairly
complicated change to a lot of code in order to improve performance
unless performance was actually found to be lacking and because it would
step onto too many different people's turf.