Skip to main content

Browse the archive

Revision a18e6a186f53af06937a2c268c72443336f4ab56 authored by Thomas Graf on 18 December 2014, 10:30:26 UTC, committed by David S. Miller on 18 December 2014, 17:35:55 UTC 
netlink: Don't reorder loads/stores before marking mmap netlink frame as available
 
Each mmap Netlink frame contains a status field which indicates
whether the frame is unused, reserved, contains data or needs to
be skipped. Both loads and stores may not be reordeded and must
complete before the status field is changed and another CPU might
pick up the frame for use. Use an smp_mb() to cover needs of both
types of callers to netlink_set_status(), callers which have been
reading data frame from the frame, and callers which have been
filling or releasing and thus writing to the frame.

- Example code path requiring a smp_rmb():
  memcpy(skb->data, (void *)hdr + NL_MMAP_HDRLEN, hdr->nm_len);
  netlink_set_status(hdr, NL_MMAP_STATUS_UNUSED);

- Example code path requiring a smp_wmb():
  hdr->nm_uid	= from_kuid(sk_user_ns(sk), NETLINK_CB(skb).creds.uid);
  hdr->nm_gid	= from_kgid(sk_user_ns(sk), NETLINK_CB(skb).creds.gid);
  netlink_frame_flush_dcache(hdr);
  netlink_set_status(hdr, NL_MMAP_STATUS_VALID);

Fixes: f9c228 ("netlink: implement memory mapped recvmsg()")
Reported-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 4682a03
History
File Mode Size
9p
adfs
affs
afs
autofs4
befs
bfs
btrfs
cachefiles
ceph
cifs
coda
configfs
cramfs
debugfs
devpts
dlm
ecryptfs
efivarfs
efs
exofs
exportfs
ext2
ext3
ext4
f2fs
fat
freevxfs
fscache
fuse
gfs2
hfs
hfsplus
hostfs
hpfs
hppfs
hugetlbfs
isofs
jbd
jbd2
jffs2
jfs
kernfs
lockd
logfs
minix
ncpfs
nfs
nfs_common
nfsd
nilfs2
nls
notify
ntfs
ocfs2
omfs
openpromfs
overlayfs
proc
pstore
qnx4
qnx6
quota
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
ubifs
udf
ufs
xfs
Kconfig -rw-r--r-- 6.0 KB
Kconfig.binfmt -rw-r--r-- 7.3 KB
Makefile -rw-r--r-- 4.1 KB
aio.c -rw-r--r-- 42.8 KB
anon_inodes.c -rw-r--r-- 4.9 KB
attr.c -rw-r--r-- 7.9 KB
bad_inode.c -rw-r--r-- 7.8 KB
binfmt_aout.c -rw-r--r-- 10.8 KB
binfmt_elf.c -rw-r--r-- 60.6 KB
binfmt_elf_fdpic.c -rw-r--r-- 46.9 KB
binfmt_em86.c -rw-r--r-- 2.8 KB
binfmt_flat.c -rw-r--r-- 26.4 KB
binfmt_misc.c -rw-r--r-- 17.7 KB
binfmt_script.c -rw-r--r-- 3.0 KB
binfmt_som.c -rw-r--r-- 7.1 KB
block_dev.c -rw-r--r-- 44.2 KB
buffer.c -rw-r--r-- 88.8 KB
char_dev.c -rw-r--r-- 14.1 KB
compat.c -rw-r--r-- 37.2 KB
compat_binfmt_elf.c -rw-r--r-- 3.7 KB
compat_ioctl.c -rw-r--r-- 45.4 KB
coredump.c -rw-r--r-- 18.1 KB
dcache.c -rw-r--r-- 85.7 KB
dcookies.c -rw-r--r-- 6.9 KB
direct-io.c -rw-r--r-- 37.6 KB
drop_caches.c -rw-r--r-- 1.8 KB
eventfd.c -rw-r--r-- 11.2 KB
eventpoll.c -rw-r--r-- 59.0 KB
exec.c -rw-r--r-- 39.9 KB
fcntl.c -rw-r--r-- 16.6 KB
fhandle.c -rw-r--r-- 6.5 KB
file.c -rw-r--r-- 21.5 KB
file_table.c -rw-r--r-- 8.4 KB
filesystems.c -rw-r--r-- 6.4 KB
fs-writeback.c -rw-r--r-- 40.0 KB
fs_pin.c -rw-r--r-- 1.5 KB
fs_struct.c -rw-r--r-- 3.3 KB
inode.c -rw-r--r-- 49.9 KB
internal.h -rw-r--r-- 3.5 KB
ioctl.c -rw-r--r-- 15.6 KB
libfs.c -rw-r--r-- 27.9 KB
locks.c -rw-r--r-- 67.8 KB
mbcache.c -rw-r--r-- 24.1 KB
mount.h -rw-r--r-- 3.4 KB
mpage.c -rw-r--r-- 19.9 KB
namei.c -rw-r--r-- 111.7 KB
namespace.c -rw-r--r-- 77.9 KB
no-block.c -rw-r--r-- 688 bytes
open.c -rw-r--r-- 26.6 KB
pipe.c -rw-r--r-- 25.0 KB
pnode.c -rw-r--r-- 10.1 KB
pnode.h -rw-r--r-- 1.7 KB
posix_acl.c -rw-r--r-- 19.9 KB
proc_namespace.c -rw-r--r-- 7.4 KB
read_write.c -rw-r--r-- 30.4 KB
readdir.c -rw-r--r-- 6.9 KB
select.c -rw-r--r-- 25.4 KB
seq_file.c -rw-r--r-- 21.8 KB
signalfd.c -rw-r--r-- 9.1 KB
splice.c -rw-r--r-- 46.1 KB
stack.c -rw-r--r-- 2.5 KB
stat.c -rw-r--r-- 12.0 KB
statfs.c -rw-r--r-- 5.3 KB
super.c -rw-r--r-- 34.9 KB
sync.c -rw-r--r-- 9.5 KB
timerfd.c -rw-r--r-- 13.0 KB
utimes.c -rw-r--r-- 5.9 KB
xattr.c -rw-r--r-- 22.8 KB
back to top