[ovs-dev] conntrack-tp: fix lock order in conn_update_expiration

hepeng.0320 hepeng.0320 at bytedance.com
Sat Jul 4 04:43:33 UTC 2020


*conn_update_expiration* violates the lock order of conn->lock and
ct->lock. In the comments of conntrack, the conn->lock should be
held after ct->lock when ct->lock needs to be taken.

Signed-off-by: hepeng.0320 <xnhp0320 at gmail.com>
---
 lib/conntrack-tp.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/conntrack-tp.c b/lib/conntrack-tp.c
index 3a7604c0d..a586d3a8d 100644
--- a/lib/conntrack-tp.c
+++ b/lib/conntrack-tp.c
@@ -260,15 +260,20 @@ conn_update_expiration(struct conntrack *ct, struct conn *conn,
     struct timeout_policy *tp;
     uint32_t val;
 
+    ovs_mutex_unlock(&conn->lock);
+
     ovs_mutex_lock(&ct->ct_lock);
+    ovs_mutex_lock(&conn->lock);
     tp = timeout_policy_lookup(ct, conn->tp_id);
     if (tp) {
         val = tp->policy.attrs[tm_to_ct_dpif_tp(tm)];
     } else {
         val = ct_dpif_netdev_tp_def[tm_to_ct_dpif_tp(tm)];
     }
+    ovs_mutex_unlock(&conn->lock);
     ovs_mutex_unlock(&ct->ct_lock);
 
+    ovs_mutex_lock(&conn->lock);
     VLOG_DBG_RL(&rl, "Update timeout %s zone=%u with policy id=%d "
                 "val=%u sec.",
                 ct_timeout_str[tm], conn->key.zone, conn->tp_id, val);
-- 
2.20.1



More information about the dev mailing list