Re: [stable] [058/152] tcp: protect sysctl_tcp_cookie_size reads

[William Allen Simpson]

On 1/8/11 6:58 AM, William Allen Simpson wrote:

Eric was *not* *truthful* saying there were "checkpatch.pl errors/warnings" in
my code.

I've received a private email complaining that I've not properly attributed
the origin of the patch.  Given a person has already lied to me about this,
I'm not sure.  When it comes to personal integrity, it's "one strike and
you're out"!

Since Eric had previously reviewed the original code, surely any such error
would have been found by him at that time.  Perhaps he made a mistake?

However, I'm happy to add a Reported-by line.  If this is an error, hopefully
somebody will correct it.

>From bd6f04cbee4c924e07cf3a1819a24acc3cc2490b Mon Sep 17 00:00:00 2001
From: William Allen Simpson <william.allen.simp...@gmail.com>
Date: Sat, 8 Jan 2011 05:58:21 -0500
Subject: [PATCH] sysctl_tcp_cookie_size read once

Read sysctl_tcp_cookie_size only once in tcp_cookie_size_check(),
as it might be concurrently changed by another cpu.

Reported-by: Eric Dumazet <eric.duma...@gmail.com>
Signed-off-by: william.allen.simp...@gmail.com
---
 net/ipv4/tcp_output.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index de3bd84..49be4e3 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -392,27 +392,30 @@ struct tcp_out_options {
  */
 static u8 tcp_cookie_size_check(u8 desired)
 {
+       int cookie_size;
+
        if (desired > 0) {
                /* previously specified */
                return desired;
        }
-       if (sysctl_tcp_cookie_size <= 0) {
+       cookie_size = ACCESS_ONCE(sysctl_tcp_cookie_size);
+       if (cookie_size <= 0) {
                /* no default specified */
                return 0;
        }
-       if (sysctl_tcp_cookie_size <= TCP_COOKIE_MIN) {
+       if (cookie_size <= TCP_COOKIE_MIN) {
                /* value too small, specify minimum */
                return TCP_COOKIE_MIN;
        }
-       if (sysctl_tcp_cookie_size >= TCP_COOKIE_MAX) {
+       if (cookie_size >= TCP_COOKIE_MAX) {
                /* value too large, specify maximum */
                return TCP_COOKIE_MAX;
        }
-       if (0x1 & sysctl_tcp_cookie_size) {
+       if (cookie_size & 0x1) {
                /* 8-bit multiple, illegal, fix it */
-               return (u8)(sysctl_tcp_cookie_size + 0x1);
+               cookie_size += 0x1;
        }
-       return (u8)sysctl_tcp_cookie_size;
+       return (u8)cookie_size;
 }
 
 /* Write previously computed TCP options to the packet.
-- 
1.7.1


_______________________________________________
stable mailing list
stable@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/stable