Date: Sat, 31 Dec 2016 16:09:22 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 215686] (Possibly theoretical) race condition in kern.devstat.all sysctl Message-ID: <bug-215686-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215686 Bug ID: 215686 Summary: (Possibly theoretical) race condition in kern.devstat.all sysctl Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: shea@shealevy.com The code path which copies out devstat nodes to the sysctl req does not use the necessary barriers to make the 'sequence0' and 'sequence1' fields meaningful. For any given device, it's possible that matching sequence numbers would be exported to userspace while the rest of the structure is otherwise inconsistent. >From my reading of devstat_start_transaction and devstat_end_transaction, we want to ensure that none of the field reads are reordered to be before the read of sequence0 and none are reordered to be after the read of sequence1, thus ensuring that if the sequence numbers match, the data in the structure is a consistent snapshot of some point in time. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215686-8>