Re: [PATCH v4] sctp: fix ASCONF list handling

[PATCH] sctp: fix ASCONF list handling · <hidden> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-05-28
Re: [PATCH] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-05-29
Re: [PATCH] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-05-29
Re: [PATCH] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-06-01
Re: [PATCH] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-06-01
Re: [PATCH] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-06-02
[PATCH v2 1/2] sctp: rcu-ify addr_waitq · <hidden> · 2015-06-03
Re: [PATCH v2 1/2] sctp: rcu-ify addr_waitq · Marcelo Ricardo Leitner <hidden> · 2015-06-03
Re: [PATCH v2 1/2] sctp: rcu-ify addr_waitq · Neil Horman <nhorman@tuxdriver.com> · 2015-06-04
Re: [PATCH v2 1/2] sctp: rcu-ify addr_waitq · Marcelo Ricardo Leitner <hidden> · 2015-06-05
[PATCH v3 1/2] sctp: rcu-ify addr_waitq · <hidden> · 2015-06-05
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Neil Horman <nhorman@tuxdriver.com> · 2015-06-08
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Hannes Frederic Sowa <hidden> · 2015-06-08
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Hannes Frederic Sowa <hidden> · 2015-06-08
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Neil Horman <nhorman@tuxdriver.com> · 2015-06-08
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Hannes Frederic Sowa <hidden> · 2015-06-08
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Neil Horman <nhorman@tuxdriver.com> · 2015-06-09
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Marcelo Ricardo Leitner <hidden> · 2015-06-09
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Marcelo Ricardo Leitner <hidden> · 2015-06-10
Re: [PATCH v3 1/2] sctp: rcu-ify addr_waitq · Neil Horman <nhorman@tuxdriver.com> · 2015-06-10
[PATCH v4] sctp: fix ASCONF list handling · <hidden> · 2015-06-11
Re: [PATCH v4] sctp: fix ASCONF list handling · David Miller <davem@davemloft.net> · 2015-06-11
[PATCH v5] sctp: fix ASCONF list handling · marcelo.leitner@gmail.com · 2015-06-12
Re: [PATCH v5] sctp: fix ASCONF list handling · David Miller <davem@davemloft.net> · 2015-06-14
[PATCH v3 2/2] sctp: fix ASCONF list handling · <hidden> · 2015-06-05
Re: [PATCH v3 2/2] sctp: fix ASCONF list handling · Hannes Frederic Sowa <hidden> · 2015-06-08
Re: [PATCH v3 2/2] sctp: fix ASCONF list handling · Marcelo Ricardo Leitner <hidden> · 2015-06-09
Re: [PATCH v3 2/2] sctp: fix ASCONF list handling · Neil Horman <nhorman@tuxdriver.com> · 2015-06-09
[PATCH v2 2/2] sctp: fix ASCONF list handling · <hidden> · 2015-06-03

From: David Miller <davem@davemloft.net>
Date: 2015-06-11 23:31:23
Also in: linux-sctp

From: mleitner@redhat.com
Date: Thu, 11 Jun 2015 11:30:46 -0300

    Attempts to circumvent this lock invertion with RCU and/or list splicing
    were unsuccessful, as they led to more and more code to handle it
    properly.
    
    Back when Hannes started reviewing the patches, he had asked if I
    couldn't take the lock earlier during the socket destruction. I had said
    no because sctp_destroy_sock() is called with socket lock already held
    on sctp_close_sock() and such would not be possible to handle on error
    handling situations like when sctp_init_sock() fails and
    sctp_destroy_sock() is called right after that.
    
    But if we take care that nothing fails after initializing asconf on
    sctp_init_sock(), this is possible, and less complicated than my RCU and
    list splicing attempts.

This is definitely a cleaner/simpler fix, but:

quoted hunk ↗ jump to hunk

@@ -1528,7 +1528,10 @@ static void sctp_close(struct sock *sk, long timeout)
 
 	/* Supposedly, no process has access to the socket, but
 	 * the net layers still may.
+	 * Also, sctp_destroy_sock() needs to be called with addr_wq_lock
+	 * held and that should be grabbed before socket lock.
 	 */
+	spin_lock_bh(&net->sctp.addr_wq_lock);
 	local_bh_disable();
 	bh_lock_sock(sk);
 
@@ -1540,6 +1543,7 @@ static void sctp_close(struct sock *sk, long timeout)
 
 	bh_unlock_sock(sk);
 	local_bh_enable();
+	spin_unlock_bh(&net->sctp.addr_wq_lock);
 
 	sock_put(sk);
 

The local_bh_{enable,disable}() now appear to be superfluous and thus
can be removed.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help