aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Dumazet <dada1@cosmosbay.com>2008-01-18 06:31:36 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 18:02:45 -0500
commitb59cfbf77dc8368c2c90b012c79553613f4d70c3 (patch)
treef5e2e9ffa576c80137126e7ebe70114b88d98003
parent95b7d924a589dbefc7ae2ea6c7144b86b75d6a47 (diff)
[FIB]: Fix rcu_dereference() abuses in fib_trie.c
node_parent() and tnode_get_child() currently use rcu_dereference(). These functions are called from both - readers only paths (where rcu_dereference() is needed), and - writer path (where rcu_dereference() is not needed) To make explicit where rcu_dereference() is really needed, I introduced new node_parent_rcu() and tnode_get_child_rcu() functions which use rcu_dereference(), while node_parent() and tnode_get_child() dont use it. Then I changed calling sites where rcu_dereference() was really needed to call the _rcu() variants. This should have no impact but for alpha architecture, and may help future sparse checks. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/fib_trie.c33
1 files changed, 21 insertions, 12 deletions
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index fbc80d15827b..a52334d30cf8 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -165,9 +165,13 @@ static struct kmem_cache *fn_alias_kmem __read_mostly;
165 165
166static inline struct tnode *node_parent(struct node *node) 166static inline struct tnode *node_parent(struct node *node)
167{ 167{
168 struct tnode *ret; 168 return (struct tnode *)(node->parent & ~NODE_TYPE_MASK);
169}
170
171static inline struct tnode *node_parent_rcu(struct node *node)
172{
173 struct tnode *ret = node_parent(node);
169 174
170 ret = (struct tnode *)(node->parent & ~NODE_TYPE_MASK);
171 return rcu_dereference(ret); 175 return rcu_dereference(ret);
172} 176}
173 177
@@ -177,13 +181,18 @@ static inline void node_set_parent(struct node *node, struct tnode *ptr)
177 (unsigned long)ptr | NODE_TYPE(node)); 181 (unsigned long)ptr | NODE_TYPE(node));
178} 182}
179 183
180/* rcu_read_lock needs to be hold by caller from readside */ 184static inline struct node *tnode_get_child(struct tnode *tn, unsigned int i)
185{
186 BUG_ON(i >= 1U << tn->bits);
181 187
182static inline struct node *tnode_get_child(struct tnode *tn, int i) 188 return tn->child[i];
189}
190
191static inline struct node *tnode_get_child_rcu(struct tnode *tn, unsigned int i)
183{ 192{
184 BUG_ON(i >= 1 << tn->bits); 193 struct node *ret = tnode_get_child(tn, i);
185 194
186 return rcu_dereference(tn->child[i]); 195 return rcu_dereference(ret);
187} 196}
188 197
189static inline int tnode_child_length(const struct tnode *tn) 198static inline int tnode_child_length(const struct tnode *tn)
@@ -938,7 +947,7 @@ fib_find_node(struct trie *t, u32 key)
938 947
939 if (tkey_sub_equals(tn->key, pos, tn->pos-pos, key)) { 948 if (tkey_sub_equals(tn->key, pos, tn->pos-pos, key)) {
940 pos = tn->pos + tn->bits; 949 pos = tn->pos + tn->bits;
941 n = tnode_get_child(tn, tkey_extract_bits(key, tn->pos, tn->bits)); 950 n = tnode_get_child_rcu(tn, tkey_extract_bits(key, tn->pos, tn->bits));
942 } else 951 } else
943 break; 952 break;
944 } 953 }
@@ -1688,7 +1697,7 @@ static struct leaf *nextleaf(struct trie *t, struct leaf *thisleaf)
1688 1697
1689 p = (struct tnode*) trie; /* Start */ 1698 p = (struct tnode*) trie; /* Start */
1690 } else 1699 } else
1691 p = node_parent(c); 1700 p = node_parent_rcu(c);
1692 1701
1693 while (p) { 1702 while (p) {
1694 int pos, last; 1703 int pos, last;
@@ -1725,7 +1734,7 @@ static struct leaf *nextleaf(struct trie *t, struct leaf *thisleaf)
1725up: 1734up:
1726 /* No more children go up one step */ 1735 /* No more children go up one step */
1727 c = (struct node *) p; 1736 c = (struct node *) p;
1728 p = node_parent(c); 1737 p = node_parent_rcu(c);
1729 } 1738 }
1730 return NULL; /* Ready. Root of trie */ 1739 return NULL; /* Ready. Root of trie */
1731} 1740}
@@ -1987,7 +1996,7 @@ static struct node *fib_trie_get_next(struct fib_trie_iter *iter)
1987 iter->tnode, iter->index, iter->depth); 1996 iter->tnode, iter->index, iter->depth);
1988rescan: 1997rescan:
1989 while (cindex < (1<<tn->bits)) { 1998 while (cindex < (1<<tn->bits)) {
1990 struct node *n = tnode_get_child(tn, cindex); 1999 struct node *n = tnode_get_child_rcu(tn, cindex);
1991 2000
1992 if (n) { 2001 if (n) {
1993 if (IS_LEAF(n)) { 2002 if (IS_LEAF(n)) {
@@ -2006,7 +2015,7 @@ rescan:
2006 } 2015 }
2007 2016
2008 /* Current node exhausted, pop back up */ 2017 /* Current node exhausted, pop back up */
2009 p = node_parent((struct node *)tn); 2018 p = node_parent_rcu((struct node *)tn);
2010 if (p) { 2019 if (p) {
2011 cindex = tkey_extract_bits(tn->key, p->pos, p->bits)+1; 2020 cindex = tkey_extract_bits(tn->key, p->pos, p->bits)+1;
2012 tn = p; 2021 tn = p;
@@ -2315,7 +2324,7 @@ static int fib_trie_seq_show(struct seq_file *seq, void *v)
2315 if (v == SEQ_START_TOKEN) 2324 if (v == SEQ_START_TOKEN)
2316 return 0; 2325 return 0;
2317 2326
2318 if (!node_parent(n)) { 2327 if (!node_parent_rcu(n)) {
2319 if (iter->trie == iter->trie_local) 2328 if (iter->trie == iter->trie_local)
2320 seq_puts(seq, "<local>:\n"); 2329 seq_puts(seq, "<local>:\n");
2321 else 2330 else