From: "Sebastian Pöhn" <sebastian.poehn@gmail.com>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org, netdev@vger.kernel.org
Subject: Re: nf_conntrack_h323: Fix locking in process_urq
Date: Fri, 15 Jan 2016 23:57:12 +0100 [thread overview]
Message-ID: <1452898632.3162.0.camel@gmail.com> (raw)
In-Reply-To: <20160115224233.GA20767@breakpoint.cc>
You are right. The problem is fixed since 3.15 with the expect_lock refactoring.
We found this in 3.12. Probably this is something for stable releases 3.14 and earlier.
Am 15.01.2016 11:42 nachm. schrieb "Florian Westphal" <fw@strlen.de>:
>
> Sebastian Pöhn <sebastian.poehn@gmail.com> wrote:
>
> [ CC netfilter-devel ]
>
> > nf_ct_remove_expectations has to be called under nf_conntrack_expect_lock
>
> But nf_ct_remove_expectations grabs that lock?
>
> Added in:
>
> commit ca7433df3a672efc88e08222cfa4b3aa965ca324
> Author: Jesper Dangaard Brouer <brouer@redhat.com>
> netfilter: conntrack: seperate expect locking from nf_conntrack_lock
>
> > diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c
> > index 9511af0..d477375 100644
> > --- a/net/netfilter/nf_conntrack_h323_main.c
> > +++ b/net/netfilter/nf_conntrack_h323_main.c
> > @@ -1518,7 +1518,9 @@ static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
> > }
> >
> > /* Clear old expect */
> > + spin_lock_bh(&nf_conntrack_expect_lock);
> > nf_ct_remove_expectations(ct);
>
> ... so I'd expect deadlock.
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2016-01-15 22:57 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-15 21:55 nf_conntrack_h323: Fix locking in process_urq Sebastian Pöhn
2016-01-15 22:42 ` Florian Westphal
2016-01-15 22:57 ` Sebastian Pöhn [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452898632.3162.0.camel@gmail.com \
--to=sebastian.poehn@gmail.com \
--cc=fw@strlen.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.