Date: Sat, 31 Dec 2016 16:09:22 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 215686] (Possibly theoretical) race condition in kern.devstat.all sysctl Message-ID: <bug-215686-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215686 Bug ID: 215686 Summary: (Possibly theoretical) race condition in kern.devstat.all sysctl Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: shea@shealevy.com The code path which copies out devstat nodes to the sysctl req does not use= the necessary barriers to make the 'sequence0' and 'sequence1' fields meaningfu= l. For any given device, it's possible that matching sequence numbers would be exported to userspace while the rest of the structure is otherwise inconsistent. >From my reading of devstat_start_transaction and devstat_end_transaction, we want to ensure that none of the field reads are reordered to be before the = read of sequence0 and none are reordered to be after the read of sequence1, thus ensuring that if the sequence numbers match, the data in the structure is a consistent snapshot of some point in time. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215686-8>