[ovs-dev] conntrack-tp: fix lock order in conn_update_expiration

William Tu u9012063 at gmail.com
Sun Jul 5 13:51:11 UTC 2020


On Sun, Jul 05, 2020 at 09:07:23PM +0800, hepeng.0320 wrote:
> *conn_update_expiration* violates the lock order of conn->lock and
> ct->lock. In the comments of conntrack, the conn->lock should be
> held after ct->lock when ct->lock needs to be taken.
> 
> Signed-off-by: Peng He <hepeng.0320 at bytedance.com>

Thanks.
I add a Fixes tag, apply to master and branch-2.13, and also
add you to the AUTHORS.

William

> ---
>  lib/conntrack-tp.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/lib/conntrack-tp.c b/lib/conntrack-tp.c
> index 3a7604c0d..a586d3a8d 100644
> --- a/lib/conntrack-tp.c
> +++ b/lib/conntrack-tp.c
> @@ -260,15 +260,20 @@ conn_update_expiration(struct conntrack *ct, struct conn *conn,
>      struct timeout_policy *tp;
>      uint32_t val;
>  
> +    ovs_mutex_unlock(&conn->lock);
> +
>      ovs_mutex_lock(&ct->ct_lock);
> +    ovs_mutex_lock(&conn->lock);
>      tp = timeout_policy_lookup(ct, conn->tp_id);
>      if (tp) {
>          val = tp->policy.attrs[tm_to_ct_dpif_tp(tm)];
>      } else {
>          val = ct_dpif_netdev_tp_def[tm_to_ct_dpif_tp(tm)];
>      }
> +    ovs_mutex_unlock(&conn->lock);
>      ovs_mutex_unlock(&ct->ct_lock);
>  
> +    ovs_mutex_lock(&conn->lock);
>      VLOG_DBG_RL(&rl, "Update timeout %s zone=%u with policy id=%d "
>                  "val=%u sec.",
>                  ct_timeout_str[tm], conn->key.zone, conn->tp_id, val);
> -- 
> 2.20.1
> 


More information about the dev mailing list