From a1362bde412f94eddaf0511aaa8eee5d84c55007 Mon Sep 17 00:00:00 2001 From: Xie XiuQi Date: Thu, 25 Jul 2019 22:42:41 +0800 Subject: [PATCH] Revert "net: get rid of an signed integer overflow in ip_idents_reserve()" hulk inclusion category: perf bugzilla: 18689 CVE: CVE This reverts commit adb03115f4590baa280ddc440a8eff08a6be0cb7. 1) This perious patch introduce performance regression, MySQL performance is reduced by 40% in vm. 2) The previous patch did not resolve the overflow problem, it just ignore the UBSAN warning. So, the patch dit not resolve real problem, but introduce significant performance regression. Just revert it. https://lkml.org/lkml/2019/7/24/243 https://lore.kernel.org/lkml/b0160f4b-b996-b0ee-405a-3d5f1866272e@gmail.com/ https://lore.kernel.org/lkml/20181101172739.GA3196@hirez.programming.kicks-ass.net/ Cc: Hanjun Guo Cc: Yongjun Wei Cc: Xuefeng Wang Tested-by: Chen Tongbiao Signed-off-by: Xie XiuQi Reviewed-by: Hanjun Guo Reviewed-by: Mao Wenan Signed-off-by: Yang Yingliang --- net/ipv4/route.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index e4df1319b59e..dd6e46c74830 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -483,18 +483,12 @@ u32 ip_idents_reserve(u32 hash, int segs) atomic_t *p_id = ip_idents + hash % IP_IDENTS_SZ; u32 old = READ_ONCE(*p_tstamp); u32 now = (u32)jiffies; - u32 new, delta = 0; + u32 delta = 0; if (old != now && cmpxchg(p_tstamp, old, now) == old) delta = prandom_u32_max(now - old); - /* Do not use atomic_add_return() as it makes UBSAN unhappy */ - do { - old = (u32)atomic_read(p_id); - new = old + delta + segs; - } while (atomic_cmpxchg(p_id, old, new) != old); - - return new - segs; + return atomic_add_return(segs + delta, p_id) - segs; } EXPORT_SYMBOL(ip_idents_reserve); -- GitLab