From 6f4b6ec1cffcbb12cc47244381496d59b6a5a790 Mon Sep 17 00:00:00 2001 From: Herbert Xu <herbert@gondor.apana.org.au> Date: Thu, 2 Feb 2006 17:01:13 -0800 Subject: [IPV6]: Fix illegal dst locking in softirq context. On Tue, Jan 31, 2006 at 10:24:32PM +0100, Ingo Molnar wrote: > > [<c04de9e8>] _write_lock+0x8/0x10 > [<c0499015>] inet6_destroy_sock+0x25/0x100 > [<c04b8672>] tcp_v6_destroy_sock+0x12/0x20 > [<c046bbda>] inet_csk_destroy_sock+0x4a/0x150 > [<c047625c>] tcp_rcv_state_process+0xd4c/0xdd0 > [<c047d8e9>] tcp_v4_do_rcv+0xa9/0x340 > [<c047eabb>] tcp_v4_rcv+0x8eb/0x9d0 OK this is definitely broken. We should never touch the dst lock in softirq context. Since inet6_destroy_sock may be called from that context due to the asynchronous nature of sockets, we can't take the lock there. In fact this sk_dst_reset is totally redundant since all IPv6 sockets use inet_sock_destruct as their socket destructor which always cleans up the dst anyway. So the solution is to simply remove the call. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> --- net/ipv6/af_inet6.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index 064ffab82a9..6c9711ac1c0 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -369,12 +369,6 @@ int inet6_destroy_sock(struct sock *sk) struct sk_buff *skb; struct ipv6_txoptions *opt; - /* - * Release destination entry - */ - - sk_dst_reset(sk); - /* Release rx options */ if ((skb = xchg(&np->pktoptions, NULL)) != NULL) -- cgit v1.2.2