ratelimit: Fix data-races in ___ratelimit().

While reading rs->interval and rs->burst, they can be changed
concurrently via sysctl (e.g. net_ratelimit_state).  Thus, we
need to add READ_ONCE() to their readers.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/lib/ratelimit.c b/lib/ratelimit.c
index e01a93f..ce945c1 100644 (file)
--- a/lib/ratelimit.c
+++ b/lib/ratelimit.c
@@ -26,10 +26,16 @@
  */
 int ___ratelimit(struct ratelimit_state *rs, const char *func)
 {
+       /* Paired with WRITE_ONCE() in .proc_handler().
+        * Changing two values seperately could be inconsistent
+        * and some message could be lost.  (See: net_ratelimit_state).
+        */
+       int interval = READ_ONCE(rs->interval);
+       int burst = READ_ONCE(rs->burst);
        unsigned long flags;
        int ret;
 
-       if (!rs->interval)
+       if (!interval)
                return 1;
 
        /*
@@ -44,7 +50,7 @@ int ___ratelimit(struct ratelimit_state *rs, const char *func)
        if (!rs->begin)
                rs->begin = jiffies;
 
-       if (time_is_before_jiffies(rs->begin + rs->interval)) {
+       if (time_is_before_jiffies(rs->begin + interval)) {
                if (rs->missed) {
                        if (!(rs->flags & RATELIMIT_MSG_ON_RELEASE)) {
                                printk_deferred(KERN_WARNING
@@ -56,7 +62,7 @@ int ___ratelimit(struct ratelimit_state *rs, const char *func)
                rs->begin   = jiffies;
                rs->printed = 0;
        }
-       if (rs->burst && rs->burst > rs->printed) {
+       if (burst && burst > rs->printed) {
                rs->printed++;
                ret = 1;
        } else {