diff options
| author | Patrick McHardy <kaber@trash.net> | 2006-08-17 21:12:38 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2006-08-17 21:12:38 -0400 |
| commit | d205dc40798d97d63ad348bfaf7394f445d152d4 (patch) | |
| tree | 603d58aaacec053300396db71b7143ea115ee902 /net/ipv4 | |
| parent | 6e8fcbf64024f9056ba122abbb66554aa76bae5d (diff) | |
[NETFILTER]: ctnetlink: fix deadlock in table dumping
ip_conntrack_put must not be called while holding ip_conntrack_lock
since destroy_conntrack takes it again.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index 33891bb1fde4..0d4cc92391fa 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
| @@ -415,21 +415,18 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 415 | cb->args[0], *id); | 415 | cb->args[0], *id); |
| 416 | 416 | ||
| 417 | read_lock_bh(&ip_conntrack_lock); | 417 | read_lock_bh(&ip_conntrack_lock); |
| 418 | last = (struct ip_conntrack *)cb->args[1]; | ||
| 418 | for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) { | 419 | for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) { |
| 419 | restart: | 420 | restart: |
| 420 | last = (struct ip_conntrack *)cb->args[1]; | ||
| 421 | list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) { | 421 | list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) { |
| 422 | h = (struct ip_conntrack_tuple_hash *) i; | 422 | h = (struct ip_conntrack_tuple_hash *) i; |
| 423 | if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) | 423 | if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) |
| 424 | continue; | 424 | continue; |
| 425 | ct = tuplehash_to_ctrack(h); | 425 | ct = tuplehash_to_ctrack(h); |
| 426 | if (last != NULL) { | 426 | if (cb->args[1]) { |
| 427 | if (ct == last) { | 427 | if (ct != last) |
| 428 | ip_conntrack_put(last); | ||
| 429 | cb->args[1] = 0; | ||
| 430 | last = NULL; | ||
| 431 | } else | ||
| 432 | continue; | 428 | continue; |
| 429 | cb->args[1] = 0; | ||
| 433 | } | 430 | } |
| 434 | if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, | 431 | if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, |
| 435 | cb->nlh->nlmsg_seq, | 432 | cb->nlh->nlmsg_seq, |
| @@ -440,17 +437,17 @@ restart: | |||
| 440 | goto out; | 437 | goto out; |
| 441 | } | 438 | } |
| 442 | } | 439 | } |
| 443 | if (last != NULL) { | 440 | if (cb->args[1]) { |
| 444 | ip_conntrack_put(last); | ||
| 445 | cb->args[1] = 0; | 441 | cb->args[1] = 0; |
| 446 | goto restart; | 442 | goto restart; |
| 447 | } | 443 | } |
| 448 | } | 444 | } |
| 449 | out: | 445 | out: |
| 450 | read_unlock_bh(&ip_conntrack_lock); | 446 | read_unlock_bh(&ip_conntrack_lock); |
| 447 | if (last) | ||
| 448 | ip_conntrack_put(last); | ||
| 451 | 449 | ||
| 452 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); | 450 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); |
| 453 | |||
| 454 | return skb->len; | 451 | return skb->len; |
| 455 | } | 452 | } |
| 456 | 453 | ||