From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Date: Wed, 09 Aug 2017 04:07:06 +0000 Subject: Re: [PATCH net] ppp: fix xmit recursion detection on ppp channels Message-Id: <20170808.210706.206603185784182097.davem@davemloft.net> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: g.nault@alphalink.fr Cc: netdev@vger.kernel.org, gfree.wind@vip.163.com, jianying.liu@ikuai8.com, linux-ppp@vger.kernel.org, paulus@samba.org From: Guillaume Nault Date: Tue, 8 Aug 2017 11:43:24 +0200 > Commit e5dadc65f9e0 ("ppp: Fix false xmit recursion detect with two ppp > devices") dropped the xmit_recursion counter incrementation in > ppp_channel_push() and relied on ppp_xmit_process() for this task. > But __ppp_channel_push() can also send packets directly (using the > .start_xmit() channel callback), in which case the xmit_recursion > counter isn't incremented anymore. If such packets get routed back to > the parent ppp unit, ppp_xmit_process() won't notice the recursion and > will call ppp_channel_push() on the same channel, effectively creating > the deadlock situation that the xmit_recursion mechanism was supposed > to prevent. > > This patch re-introduces the xmit_recursion counter incrementation in > ppp_channel_push(). Since the xmit_recursion variable is now part of > the parent ppp unit, incrementation is skipped if the channel doesn't > have any. This is fine because only packets routed through the parent > unit may enter the channel recursively. > > Finally, we have to ensure that pch->ppp is not going to be modified > while executing ppp_channel_push(). Instead of taking this lock only > while calling ppp_xmit_process(), we now have to hold it for the full > ppp_channel_push() execution. This respects the ppp locks ordering > which requires locking ->upl before ->downl. > > Fixes: e5dadc65f9e0 ("ppp: Fix false xmit recursion detect with two ppp devices") > Signed-off-by: Guillaume Nault Applied, thank you.