On Thu, Oct 22, 2020 at 01:53:15PM +0800, zhuoliang.zhang wrote:
>
> there are 2 related hash lists : net->xfrm.state_bydst and
> net->xfrm.state_byspi:
>
> 1. a new state x is alloced in xfrm_state_alloc() and added into the
> bydst hlist in __find_acq_core() on the LHS;
> 2. on the RHS, state_
On Tue, Oct 20, 2020 at 04:18:00PM +0800, Zhuoliang Zhang wrote:
> From: zhuoliang zhang
>
> we found that the following race condition exists in
> xfrm_alloc_userspi flow:
>
> user threadstate_hash_work thread
>
From: zhuoliang zhang
we found that the following race condition exists in
xfrm_alloc_userspi flow:
user threadstate_hash_work thread
xfrm_alloc_userspi()
__find_acq_core()
/*alloc new xfrm_state:x*/
x
