On Mon, 2017-02-06 at 12:01 +0900, Lorenzo Colitti wrote:
> On Mon, Feb 6, 2017 at 11:17 AM, Chenbo Feng
> <chenbofeng.ker...@gmail.com> wrote:
> > +BPF_CALL_1(bpf_get_socket_cookie, struct sk_buff *, skb)
> > +{
> > + return skb->sk ? sock_gen_cookie(skb->sk) : 0;
> > +}
> > +
>
> Does this code need to increment the socket refcount, or call
> ACCESS_ONCE to get skb->sk? The socket filter codepath should be safe,
> but if this function is called in xt_ebpf, could it race with
> something that sets skb->sk to null?
I do not see how this could possibly happen.
READ_ONCE() would not prevent the 'old' sk from disappearing anyway.
