Jason Wang
2022-Jul-01 05:47 UTC
[PATCH net V3] virtio-net: fix the race between refill work and close
On Fri, Jul 1, 2022 at 12:03 PM Jakub Kicinski <kuba at kernel.org> wrote:
>
> On Fri, 1 Jul 2022 10:06:55 +0800 Jason Wang wrote:
> > We try using cancel_delayed_work_sync() to prevent the work from
> > enabling NAPI. This is insufficient since we don't disable the source
> > of the refill work scheduling. This means an NAPI poll callback after
> > cancel_delayed_work_sync() can schedule the refill work then can
> > re-enable the NAPI that leads to use-after-free [1].
> >
> > Since the work can enable NAPI, we can't simply disable NAPI before
> > calling cancel_delayed_work_sync(). So fix this by introducing a
> > dedicated boolean to control whether or not the work could be
> > scheduled from NAPI.
>
> Hm, does not apply cleanly to net or Linus's tree.

My bad, let me post a new version.

Thanks
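
The ordering problem described in the quoted commit message, as an added example that is not part of the original message and is not the driver's or the patch's code. It is a single-threaded model in which one poll lands right after the cancel; every name except `cancel_delayed_work_sync()` (mentioned in a comment) is hypothetical, and the real locking is left out.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the close path; hypothetical names, not kernel code. */
struct dev_model {
    bool napi_enabled;   /* NAPI polling may run */
    bool work_pending;   /* refill work is queued */
    bool refill_allowed; /* the dedicated boolean from the commit message */
    bool use_gate;       /* false = behaviour before the fix, true = after */
    bool freed;          /* receive buffers released by close */
};

/* NAPI poll callback: when buffers run short it schedules the refill work. */
static void napi_poll(struct dev_model *d) {
    if (!d->napi_enabled) return;
    if (d->use_gate && !d->refill_allowed) return; /* gate closed: never schedule */
    d->work_pending = true;
}

/* Refill work: the step that matters here is that it re-enables NAPI. */
static void run_refill_work(struct dev_model *d) {
    if (!d->work_pending) return;
    d->work_pending = false;
    d->napi_enabled = true;
}

/* Stand-in for cancel_delayed_work_sync(): drops work queued so far. */
static void cancel_work_sync(struct dev_model *d) { d->work_pending = false; }

/* Close path with a poll racing in after the cancel. Returns true when NAPI
 * ends up enabled after the buffers were freed (the use-after-free window). */
static bool close_with_racing_poll(bool use_gate) {
    struct dev_model d = { .napi_enabled = true, .refill_allowed = true, .use_gate = use_gate };
    if (use_gate) d.refill_allowed = false; /* shut the scheduling source first */
    cancel_work_sync(&d);
    napi_poll(&d);           /* poll that arrives after the cancel */
    d.napi_enabled = false;  /* close disables NAPI */
    d.freed = true;          /* and releases the buffers */
    run_refill_work(&d);     /* late work, if the poll managed to queue it */
    return d.freed && d.napi_enabled;
}

int main(void) {
    printf("without gate: NAPI live after free = %d\n", close_with_racing_poll(false));
    printf("with gate:    NAPI live after free = %d\n", close_with_racing_poll(true));
    return 0;
}
```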