Re: [PATCH v1] net: ipv6: fix racey clock check in route cache aging logic
From: Eric Dumazet
Date: Thu Oct 25 2018 - 17:40:53 EST
On 10/25/2018 02:13 PM, Brendan Higgins wrote:
> Fix a bug where, with certain settings, the aging logic does not use the
> time passed in as the current time, but instead directly checks jiffies.
>
> This bug can be reproduced with (and this fix verified with) the test
> at: https://kunit-review.googlesource.com/c/linux/+/1156
>
> Fixes: 31afeb425f7f ("ipv6: change route cache aging logic")
> Discovered-by-KUnit: https://kunit-review.googlesource.com/c/linux/+/1156
> Signed-off-by: Brendan Higgins <brendanhiggins@xxxxxxxxxx>
> ---
> net/ipv6/route.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> index 2a7423c394560..54d28b91fd840 100644
> --- a/net/ipv6/route.c
> +++ b/net/ipv6/route.c
> @@ -1734,7 +1734,7 @@ static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
> rt6_remove_exception(bucket, rt6_ex);
> return;
> }
> - } else if (time_after(jiffies, rt->dst.expires)) {
> + } else if (time_after(now, rt->dst.expires)) {
> RT6_TRACE("purging expired route %p\n", rt);
> rt6_remove_exception(bucket, rt6_ex);
> return;
>
I do not think there is a bug here ?
As a matter of fact, using the latest value of jiffies is probably better,
since in some cases the @now variable could be quite in the past.