diff options
| author | Pavel Emelyanov <xemul@openvz.org> | 2008-06-27 23:06:08 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-06-27 23:06:08 -0400 |
| commit | 9a375803feaadb6c34e0807bd9325885dcca5c00 (patch) | |
| tree | fba3b0835d1fb3211da1c1be9dd6d4508e6668a6 /net/ipv4/ip_fragment.c | |
| parent | a0a61a604c60c14accc3962ecfeee9acc7a3c08a (diff) | |
inet fragments: fix race between inet_frag_find and inet_frag_secret_rebuild
The problem is that while we work w/o the inet_frags.lock even
read-locked the secret rebuild timer may occur (on another CPU, since
BHs are still disabled in the inet_frag_find) and change the rnd seed
for ipv4/6 fragments.
It was caused by my patch fd9e63544cac30a34c951f0ec958038f0529e244
([INET]: Omit double hash calculations in xxx_frag_intern) late
in the 2.6.24 kernel, so this should probably be queued to -stable.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/ip_fragment.c')
| -rw-r--r-- | net/ipv4/ip_fragment.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c index cd6ce6ac6358..37221f659159 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c | |||
| @@ -229,6 +229,8 @@ static inline struct ipq *ip_find(struct net *net, struct iphdr *iph, u32 user) | |||
| 229 | 229 | ||
| 230 | arg.iph = iph; | 230 | arg.iph = iph; |
| 231 | arg.user = user; | 231 | arg.user = user; |
| 232 | |||
| 233 | read_lock(&ip4_frags.lock); | ||
| 232 | hash = ipqhashfn(iph->id, iph->saddr, iph->daddr, iph->protocol); | 234 | hash = ipqhashfn(iph->id, iph->saddr, iph->daddr, iph->protocol); |
| 233 | 235 | ||
| 234 | q = inet_frag_find(&net->ipv4.frags, &ip4_frags, &arg, hash); | 236 | q = inet_frag_find(&net->ipv4.frags, &ip4_frags, &arg, hash); |