aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2008-06-18 05:07:07 -0400
committerDavid S. Miller <davem@davemloft.net>2008-06-18 05:07:07 -0400
commit6d1a3fb567a728d31474636e167c324702a0c38b (patch)
tree02ffcef1520345d44f080b821aa32f4a596b7e1f
parent3a5be7d4b079f3a9ce1e8ce4a93ba15ae6d00111 (diff)
netlink: genl: fix circular locking
genetlink has a circular locking dependency when dumping the registered families: - dump start: genl_rcv() : take genl_mutex genl_rcv_msg() : call netlink_dump_start() while holding genl_mutex netlink_dump_start(), netlink_dump() : take nlk->cb_mutex ctrl_dumpfamily() : try to detect this case and not take genl_mutex a second time - dump continuance: netlink_rcv() : call netlink_dump netlink_dump : take nlk->cb_mutex ctrl_dumpfamily() : take genl_mutex Register genl_lock as callback mutex with netlink to fix this. This slightly widens an already existing module unload race, the genl ops used during the dump might go away when the module is unloaded. Thomas Graf is working on a seperate fix for this. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netlink/genetlink.c15
1 files changed, 6 insertions, 9 deletions
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index f5aa23c3e886..3e1191cecaf0 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -444,8 +444,11 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
444 if (ops->dumpit == NULL) 444 if (ops->dumpit == NULL)
445 return -EOPNOTSUPP; 445 return -EOPNOTSUPP;
446 446
447 return netlink_dump_start(genl_sock, skb, nlh, 447 genl_unlock();
448 ops->dumpit, ops->done); 448 err = netlink_dump_start(genl_sock, skb, nlh,
449 ops->dumpit, ops->done);
450 genl_lock();
451 return err;
449 } 452 }
450 453
451 if (ops->doit == NULL) 454 if (ops->doit == NULL)
@@ -603,9 +606,6 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
603 int chains_to_skip = cb->args[0]; 606 int chains_to_skip = cb->args[0];
604 int fams_to_skip = cb->args[1]; 607 int fams_to_skip = cb->args[1];
605 608
606 if (chains_to_skip != 0)
607 genl_lock();
608
609 for (i = 0; i < GENL_FAM_TAB_SIZE; i++) { 609 for (i = 0; i < GENL_FAM_TAB_SIZE; i++) {
610 if (i < chains_to_skip) 610 if (i < chains_to_skip)
611 continue; 611 continue;
@@ -623,9 +623,6 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
623 } 623 }
624 624
625errout: 625errout:
626 if (chains_to_skip != 0)
627 genl_unlock();
628
629 cb->args[0] = i; 626 cb->args[0] = i;
630 cb->args[1] = n; 627 cb->args[1] = n;
631 628
@@ -770,7 +767,7 @@ static int __init genl_init(void)
770 767
771 /* we'll bump the group number right afterwards */ 768 /* we'll bump the group number right afterwards */
772 genl_sock = netlink_kernel_create(&init_net, NETLINK_GENERIC, 0, 769 genl_sock = netlink_kernel_create(&init_net, NETLINK_GENERIC, 0,
773 genl_rcv, NULL, THIS_MODULE); 770 genl_rcv, &genl_mutex, THIS_MODULE);
774 if (genl_sock == NULL) 771 if (genl_sock == NULL)
775 panic("GENL: Cannot initialize generic netlink\n"); 772 panic("GENL: Cannot initialize generic netlink\n");
776 773