From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH 1/3] netfilter: ctnetlink: cleanup master conntrack assignation
Date: Wed, 18 Mar 2009 23:26:22 +0100 [thread overview]
Message-ID: <49C1750E.7000206@netfilter.org> (raw)
In-Reply-To: <49C12489.5040500@trash.net>
Patrick McHardy wrote:
> Patrick McHardy wrote:
>> Pablo Neira Ayuso wrote:
>>> This patch moves the assignation of the master conntrack to
>>> ctnetlink_create_conntrack(), which is where it really belongs.
>>> This patch is a cleanup.
>>
>> Applied, thanks.
>
> I've added this patch on top to fix a RCU context imbalance.
Oh, stupid mistake, sorry for that.
> This seems like a good opportunity to say this again: please (everyone)
> compile your code using sparse. It catches this type and more bugs.
I'll do.
> There is a second bug introduced by this patch:
>
> add_timer(&ct->timeout);
> nf_conntrack_hash_insert(ct);
> rcu_read_unlock();
>
> return ct;
>
> The conntrack lock is not held, it might crash or create double entries.
Hm, but that code is inside ctnetlink_create_conntrack() which is called
with the conntrack lock held.
if (nlh->nlmsg_flags & NLM_F_CREATE)
err = ctnetlink_create_conntrack(cda,
&otuple,
&rtuple,
- master_ct,
NETLINK_CB(skb).pid,
- nlmsg_report(nlh));
+ nlmsg_report(nlh),
+ u3);
spin_unlock_bh(&nf_conntrack_lock);
--
"Los honestos son inadaptados sociales" -- Les Luthiers
next prev parent reply other threads:[~2009-03-18 22:26 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-05 16:07 [PATCH 1/3] netfilter: ctnetlink: cleanup master conntrack assignation Pablo Neira Ayuso
2009-03-05 16:07 ` [PATCH 2/3] netfilter: ctnetlink: cleanup conntrack update preliminary checkings Pablo Neira Ayuso
2009-03-16 14:27 ` Patrick McHardy
2009-03-05 16:07 ` [PATCH 3/3] netfilter: ctnetlink: move event reporting for new entries outside the lock Pablo Neira Ayuso
2009-03-16 14:23 ` Patrick McHardy
2009-03-16 14:24 ` Patrick McHardy
2009-03-16 14:28 ` Patrick McHardy
2009-03-16 14:26 ` [PATCH 1/3] netfilter: ctnetlink: cleanup master conntrack assignation Patrick McHardy
2009-03-18 16:42 ` Patrick McHardy
2009-03-18 22:26 ` Pablo Neira Ayuso [this message]
2009-03-18 22:35 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49C1750E.7000206@netfilter.org \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.