From 047af9cfedfa357e1497e327eaa893253ca51971 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Thu, 20 Oct 2011 04:26:39 +0000 Subject: [PATCH] macvtap: Fix macvtap_open races in the zero copy enable code. To see if it is appropriate to enable the macvtap zero copy feature don't test the lowerdev network device flags. Instead test the macvtap network device flags which are a direct copy of the lowerdev flags. This is important because nothing holds a reference to lowerdev and on a very bad day we lowerdev could be a pointer to stale memory. Signed-off-by: Eric W. Biederman Signed-off-by: David S. Miller --- drivers/net/macvtap.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c index 70aa628834f..1d9c9c20967 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -343,7 +343,6 @@ static int macvtap_open(struct inode *inode, struct file *file) { struct net *net = current->nsproxy->net_ns; struct net_device *dev = dev_get_by_index(net, iminor(inode)); - struct macvlan_dev *vlan = netdev_priv(dev); struct macvtap_queue *q; int err; @@ -376,12 +375,12 @@ static int macvtap_open(struct inode *inode, struct file *file) /* * so far only KVM virtio_net uses macvtap, enable zero copy between * guest kernel and host kernel when lower device supports zerocopy + * + * The macvlan supports zerocopy iff the lower device supports zero + * copy so we don't have to look at the lower device directly. */ - if (vlan) { - if ((vlan->lowerdev->features & NETIF_F_HIGHDMA) && - (vlan->lowerdev->features & NETIF_F_SG)) - sock_set_flag(&q->sk, SOCK_ZEROCOPY); - } + if ((dev->features & NETIF_F_HIGHDMA) && (dev->features & NETIF_F_SG)) + sock_set_flag(&q->sk, SOCK_ZEROCOPY); err = macvtap_set_queue(dev, file, q); if (err) -- 2.39.5