From: Florian Westphal <fw@strlen.de>
To: "Sebastian Pöhn" <sebastian.poehn@gmail.com>
Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org
Subject: Re: nf_conntrack_h323: Fix locking in process_urq
Date: Fri, 15 Jan 2016 23:42:33 +0100 [thread overview]
Message-ID: <20160115224233.GA20767@breakpoint.cc> (raw)
In-Reply-To: <1452894918.4622.3.camel@gmail.com>
Sebastian Pöhn <sebastian.poehn@gmail.com> wrote:
[ CC netfilter-devel ]
> nf_ct_remove_expectations has to be called under nf_conntrack_expect_lock
But nf_ct_remove_expectations grabs that lock?
Added in:
commit ca7433df3a672efc88e08222cfa4b3aa965ca324
Author: Jesper Dangaard Brouer <brouer@redhat.com>
netfilter: conntrack: seperate expect locking from nf_conntrack_lock
> diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c
> index 9511af0..d477375 100644
> --- a/net/netfilter/nf_conntrack_h323_main.c
> +++ b/net/netfilter/nf_conntrack_h323_main.c
> @@ -1518,7 +1518,9 @@ static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
> }
>
> /* Clear old expect */
> + spin_lock_bh(&nf_conntrack_expect_lock);
> nf_ct_remove_expectations(ct);
... so I'd expect deadlock.
next prev parent reply other threads:[~2016-01-15 22:42 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-15 21:55 nf_conntrack_h323: Fix locking in process_urq Sebastian Pöhn
2016-01-15 22:42 ` Florian Westphal [this message]
2016-01-15 22:57 ` Sebastian Pöhn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160115224233.GA20767@breakpoint.cc \
--to=fw@strlen.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=sebastian.poehn@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.