diff options
author | Jarek Poplawski <jarkao2@gmail.com> | 2008-06-04 12:58:27 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-06-04 12:58:27 -0400 |
commit | b9c698964614f71b9c8afeca163a945b4c2e2d20 (patch) | |
tree | f70242a7796aae3b648efcd46cf60e18f1724bac /net/ipv6 | |
parent | d2ee3f2c4b1db1320c1efb4dcaceeaf6c7e6c2d3 (diff) |
netfilter: nf_conntrack_ipv6: fix inconsistent lock state in nf_ct_frag6_gather()
[ 63.531438] =================================
[ 63.531520] [ INFO: inconsistent lock state ]
[ 63.531520] 2.6.26-rc4 #7
[ 63.531520] ---------------------------------
[ 63.531520] inconsistent {softirq-on-W} -> {in-softirq-W} usage.
[ 63.531520] tcpsic6/3864 [HC0[0]:SC1[1]:HE1:SE0] takes:
[ 63.531520] (&q->lock#2){-+..}, at: [<c07175b0>] ipv6_frag_rcv+0xd0/0xbd0
[ 63.531520] {softirq-on-W} state was registered at:
[ 63.531520] [<c0143bba>] __lock_acquire+0x3aa/0x1080
[ 63.531520] [<c0144906>] lock_acquire+0x76/0xa0
[ 63.531520] [<c07a8f0b>] _spin_lock+0x2b/0x40
[ 63.531520] [<c0727636>] nf_ct_frag6_gather+0x3f6/0x910
...
According to this and another similar lockdep report inet_fragment
locks are taken from nf_ct_frag6_gather() with softirqs enabled, but
these locks are mainly used in softirq context, so disabling BHs is
necessary.
Reported-and-tested-by: Eric Sesterhenn <snakebyte@gmx.de>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/netfilter/nf_conntrack_reasm.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index 2dccad48058..e65e26e210e 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c | |||
@@ -209,7 +209,9 @@ fq_find(__be32 id, struct in6_addr *src, struct in6_addr *dst) | |||
209 | arg.dst = dst; | 209 | arg.dst = dst; |
210 | hash = ip6qhashfn(id, src, dst); | 210 | hash = ip6qhashfn(id, src, dst); |
211 | 211 | ||
212 | local_bh_disable(); | ||
212 | q = inet_frag_find(&nf_init_frags, &nf_frags, &arg, hash); | 213 | q = inet_frag_find(&nf_init_frags, &nf_frags, &arg, hash); |
214 | local_bh_enable(); | ||
213 | if (q == NULL) | 215 | if (q == NULL) |
214 | goto oom; | 216 | goto oom; |
215 | 217 | ||
@@ -638,10 +640,10 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb) | |||
638 | goto ret_orig; | 640 | goto ret_orig; |
639 | } | 641 | } |
640 | 642 | ||
641 | spin_lock(&fq->q.lock); | 643 | spin_lock_bh(&fq->q.lock); |
642 | 644 | ||
643 | if (nf_ct_frag6_queue(fq, clone, fhdr, nhoff) < 0) { | 645 | if (nf_ct_frag6_queue(fq, clone, fhdr, nhoff) < 0) { |
644 | spin_unlock(&fq->q.lock); | 646 | spin_unlock_bh(&fq->q.lock); |
645 | pr_debug("Can't insert skb to queue\n"); | 647 | pr_debug("Can't insert skb to queue\n"); |
646 | fq_put(fq); | 648 | fq_put(fq); |
647 | goto ret_orig; | 649 | goto ret_orig; |
@@ -653,7 +655,7 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb) | |||
653 | if (ret_skb == NULL) | 655 | if (ret_skb == NULL) |
654 | pr_debug("Can't reassemble fragmented packets\n"); | 656 | pr_debug("Can't reassemble fragmented packets\n"); |
655 | } | 657 | } |
656 | spin_unlock(&fq->q.lock); | 658 | spin_unlock_bh(&fq->q.lock); |
657 | 659 | ||
658 | fq_put(fq); | 660 | fq_put(fq); |
659 | return ret_skb; | 661 | return ret_skb; |