From: Eric W. Biederman Date: Thu, 20 Oct 2011 04:26:39 +0000 (+0000) Subject: macvtap: Fix macvtap_open races in the zero copy enable code. X-Git-Tag: next-20111025~57^2~13 X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=047af9cfedfa357e1497e327eaa893253ca51971;p=karo-tx-linux.git macvtap: Fix macvtap_open races in the zero copy enable code. To see if it is appropriate to enable the macvtap zero copy feature don't test the lowerdev network device flags. Instead test the macvtap network device flags which are a direct copy of the lowerdev flags. This is important because nothing holds a reference to lowerdev and on a very bad day we lowerdev could be a pointer to stale memory. Signed-off-by: Eric W. Biederman Signed-off-by: David S. Miller --- diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c index 70aa628834f0..1d9c9c209672 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -343,7 +343,6 @@ static int macvtap_open(struct inode *inode, struct file *file) { struct net *net = current->nsproxy->net_ns; struct net_device *dev = dev_get_by_index(net, iminor(inode)); - struct macvlan_dev *vlan = netdev_priv(dev); struct macvtap_queue *q; int err; @@ -376,12 +375,12 @@ static int macvtap_open(struct inode *inode, struct file *file) /* * so far only KVM virtio_net uses macvtap, enable zero copy between * guest kernel and host kernel when lower device supports zerocopy + * + * The macvlan supports zerocopy iff the lower device supports zero + * copy so we don't have to look at the lower device directly. */ - if (vlan) { - if ((vlan->lowerdev->features & NETIF_F_HIGHDMA) && - (vlan->lowerdev->features & NETIF_F_SG)) - sock_set_flag(&q->sk, SOCK_ZEROCOPY); - } + if ((dev->features & NETIF_F_HIGHDMA) && (dev->features & NETIF_F_SG)) + sock_set_flag(&q->sk, SOCK_ZEROCOPY); err = macvtap_set_queue(dev, file, q); if (err)