On Wed, Jun 05, 2013 at 02:36:24PM +0800, Jason Wang wrote: > Complier may generate codes that re-read the vlan->numvtaps during > macvtap_get_queue(). This may lead a race if vlan->numvtaps were changed in > the > same time and which can lead unexpected result (e.g. very huge value). > > We need prevent the compiler from generating such codes by adding an > ACCESS_ONCE() to make sure vlan->numvtaps were only read once. > > Signed-off-by: Jason Wang <jasow...@redhat.com>
I would add that this is a theoretical issue, so no need for stable. Acked-by: Michael S. Tsirkin <m...@redhat.com> > --- > drivers/net/macvtap.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c > index 68efb91..5e485e3 100644 > --- a/drivers/net/macvtap.c > +++ b/drivers/net/macvtap.c > @@ -172,7 +172,7 @@ static struct macvtap_queue *macvtap_get_queue(struct > net_device *dev, > { > struct macvlan_dev *vlan = netdev_priv(dev); > struct macvtap_queue *tap = NULL; > - int numvtaps = vlan->numvtaps; > + int numvtaps = ACCESS_ONCE(vlan->numvtaps); > __u32 rxq; > > if (!numvtaps) > -- > 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/