On Thu, 2015-05-21 at 17:00 +0200, Hannes Frederic Sowa wrote:
> +
> +static ssize_t skb_unix_socket_splice(struct sock *sk,
> + struct pipe_inode_info *pipe,
> + struct splice_pipe_desc *spd)
> +{
> + int ret;
> + struct unix_sock *u = unix_sk(sk);
> +
> + mutex_unlock(&u->readlock);
> + ret = splice_to_pipe(pipe, spd);
> + mutex_lock(&u->readlock);
> +
> + return ret;
> +}
> +
Hi Hannes
Since we release u->readlock, what prevents another thread to read() the
same af_unix socket and consume the skb while we splice it ?
TCP stack has special code to take care of this possibility.
tcp_read_sock() :
used = recv_actor(desc, skb, offset, len);
if (used <= 0) {
if (!copied)
copied = used;
break;
} else if (used <= len) {
seq += used;
copied += used;
offset += used;
}
/* If recv_actor drops the lock (e.g. TCP splice
* receive) the skb pointer might be invalid when
* getting here: tcp_collapse might have deleted it
* while aggregating skbs from the socket queue.
*/
skb = tcp_recv_skb(sk, seq - 1, &offset);
if (!skb)
break;
/* TCP coalescing might have appended data to the skb.
* Try to splice more frags
*/
if (offset + 1 != skb->len)
continue;
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
