From: weichenchen <weichen.c...@linux.alibaba.com> Date: Fri, 25 Dec 2020 13:44:45 +0800
> pneigh_enqueue() tries to obtain a random delay by mod > NEIGH_VAR(p, PROXY_DELAY). However, NEIGH_VAR(p, PROXY_DELAY) > migth be zero at that point because someone could write zero > to /proc/sys/net/ipv4/neigh/[device]/proxy_delay after the > callers check it. > > This patch uses prandom_u32_max() to get a random delay instead > which avoids potential division by zero. > > Signed-off-by: weichenchen <weichen.c...@linux.alibaba.com> > --- > V4: > - Use prandom_u32_max() to get a random delay in > pneigh_enqueue(). > V3: > - Callers need to pass the delay time to pneigh_enqueue() > now and they should guarantee it is not zero. > - Use READ_ONCE() to read NEIGH_VAR(p, PROXY_DELAY) in both > of the existing callers of pneigh_enqueue() and then pass > it to pneigh_enqueue(). > V2: > - Use READ_ONCE() to prevent the complier from re-reading > NEIGH_VAR(p, PROXY_DELAY). > - Give a hint to the complier that delay <= 0 is unlikely > to happen. > > V4 is quite concise and works well. > Thanks for Eric's and Jakub's advice. Applied and queued up for -stable, thanks.
