[GENETLINK]: Fix race in genl_unregister_mc

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [GENETLINK]: Fix race in genl_unregister_mc_groups()
@ 2007-07-24  9:45 Thomas Graf
  2007-07-24 16:14 ` Brian Haley
  2007-07-24 21:52 ` [REPOST][GENETLINK]: " Thomas Graf
  0 siblings, 2 replies; 5+ messages in thread
From: Thomas Graf @ 2007-07-24  9:45 UTC (permalink / raw)
  To: davem; +Cc: johannes, netdev

family->mcast_groups is protected by genl_lock so it must
be held while accessing the list in genl_unregister_mc_groups().
Requires adding a non-locking variant of genl_unregister_mc_group().

Signed-off-by: Thomas Graf <tgraf@suug.ch>

Index: net-2.6/net/netlink/genetlink.c
===================================================================
--- net-2.6.orig/net/netlink/genetlink.c	2007-07-23 22:08:04.000000000 +0200
+++ net-2.6/net/netlink/genetlink.c	2007-07-23 22:09:08.000000000 +0200
@@ -200,6 +200,18 @@ int genl_register_mc_group(struct genl_f
 }
 EXPORT_SYMBOL(genl_register_mc_group);
 
+static void __genl_unregister_mc_group(struct genl_family *family,
+				       struct genl_multicast_group *grp)
+{
+	BUG_ON(grp->family != family);
+	netlink_clear_multicast_users(genl_sock, grp->id);
+	clear_bit(grp->id, mc_groups);
+	list_del(&grp->list);
+	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
+	grp->id = 0;
+	grp->family = NULL;
+}
+
 /**
  * genl_unregister_mc_group - unregister a multicast group
  *
@@ -217,14 +229,8 @@ EXPORT_SYMBOL(genl_register_mc_group);
 void genl_unregister_mc_group(struct genl_family *family,
 			      struct genl_multicast_group *grp)
 {
-	BUG_ON(grp->family != family);
 	genl_lock();
-	netlink_clear_multicast_users(genl_sock, grp->id);
-	clear_bit(grp->id, mc_groups);
-	list_del(&grp->list);
-	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
-	grp->id = 0;
-	grp->family = NULL;
+	genl_unregister_mc_group(family, grp);
 	genl_unlock();
 }
 
@@ -232,8 +238,10 @@ static void genl_unregister_mc_groups(st
 {
 	struct genl_multicast_group *grp, *tmp;
 
+	genl_lock();
 	list_for_each_entry_safe(grp, tmp, &family->mcast_groups, list)
-		genl_unregister_mc_group(family, grp);
+		__genl_unregister_mc_group(family, grp);
+	genl_unlock();
 }
 
 /**

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [GENETLINK]: Fix race in genl_unregister_mc_groups()
  2007-07-24  9:45 [GENETLINK]: Fix race in genl_unregister_mc_groups() Thomas Graf
@ 2007-07-24 16:14 ` Brian Haley
  2007-07-24 21:51   ` Thomas Graf
  2007-07-24 21:52 ` [REPOST][GENETLINK]: " Thomas Graf
  1 sibling, 1 reply; 5+ messages in thread
From: Brian Haley @ 2007-07-24 16:14 UTC (permalink / raw)
  To: Thomas Graf; +Cc: davem, johannes, netdev

Thomas Graf wrote:
> @@ -217,14 +229,8 @@ EXPORT_SYMBOL(genl_register_mc_group);
>  void genl_unregister_mc_group(struct genl_family *family,
>  			      struct genl_multicast_group *grp)
>  {
> -	BUG_ON(grp->family != family);
>  	genl_lock();
> -	netlink_clear_multicast_users(genl_sock, grp->id);
> -	clear_bit(grp->id, mc_groups);
> -	list_del(&grp->list);
> -	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
> -	grp->id = 0;
> -	grp->family = NULL;
> +	genl_unregister_mc_group(family, grp);
>  	genl_unlock();
>  }

Shouldn't this be __genl_unregister_mc_group(family, grp) ?

-Brian

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [GENETLINK]: Fix race in genl_unregister_mc_groups()
  2007-07-24 16:14 ` Brian Haley
@ 2007-07-24 21:51   ` Thomas Graf
  0 siblings, 0 replies; 5+ messages in thread
From: Thomas Graf @ 2007-07-24 21:51 UTC (permalink / raw)
  To: Brian Haley; +Cc: davem, johannes, netdev

* Brian Haley <brian.haley@hp.com> 2007-07-24 12:14
> Thomas Graf wrote:
> >@@ -217,14 +229,8 @@ EXPORT_SYMBOL(genl_register_mc_group);
> > void genl_unregister_mc_group(struct genl_family *family,
> > 			      struct genl_multicast_group *grp)
> > {
> >-	BUG_ON(grp->family != family);
> > 	genl_lock();
> >-	netlink_clear_multicast_users(genl_sock, grp->id);
> >-	clear_bit(grp->id, mc_groups);
> >-	list_del(&grp->list);
> >-	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
> >-	grp->id = 0;
> >-	grp->family = NULL;
> >+	genl_unregister_mc_group(family, grp);
> > 	genl_unlock();
> > }
> 
> Shouldn't this be __genl_unregister_mc_group(family, grp) ?

Yes, thank for you noticing.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [REPOST][GENETLINK]: Fix race in genl_unregister_mc_groups()
  2007-07-24  9:45 [GENETLINK]: Fix race in genl_unregister_mc_groups() Thomas Graf
  2007-07-24 16:14 ` Brian Haley
@ 2007-07-24 21:52 ` Thomas Graf
  2007-07-24 22:32   ` David Miller
  1 sibling, 1 reply; 5+ messages in thread
From: Thomas Graf @ 2007-07-24 21:52 UTC (permalink / raw)
  To: davem; +Cc: johannes, netdev

family->mcast_groups is protected by genl_lock so it must
be held while accessing the list in genl_unregister_mc_groups().
Requires adding a non-locking variant of genl_unregister_mc_group().

Signed-off-by: Thomas Graf <tgraf@suug.ch>

Index: net-2.6/net/netlink/genetlink.c
===================================================================
--- net-2.6.orig/net/netlink/genetlink.c	2007-07-23 22:08:04.000000000 +0200
+++ net-2.6/net/netlink/genetlink.c	2007-07-24 23:51:11.000000000 +0200
@@ -200,6 +200,18 @@ int genl_register_mc_group(struct genl_f
 }
 EXPORT_SYMBOL(genl_register_mc_group);
 
+static void __genl_unregister_mc_group(struct genl_family *family,
+				       struct genl_multicast_group *grp)
+{
+	BUG_ON(grp->family != family);
+	netlink_clear_multicast_users(genl_sock, grp->id);
+	clear_bit(grp->id, mc_groups);
+	list_del(&grp->list);
+	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
+	grp->id = 0;
+	grp->family = NULL;
+}
+
 /**
  * genl_unregister_mc_group - unregister a multicast group
  *
@@ -217,14 +229,8 @@ EXPORT_SYMBOL(genl_register_mc_group);
 void genl_unregister_mc_group(struct genl_family *family,
 			      struct genl_multicast_group *grp)
 {
-	BUG_ON(grp->family != family);
 	genl_lock();
-	netlink_clear_multicast_users(genl_sock, grp->id);
-	clear_bit(grp->id, mc_groups);
-	list_del(&grp->list);
-	genl_ctrl_event(CTRL_CMD_DELMCAST_GRP, grp);
-	grp->id = 0;
-	grp->family = NULL;
+	__genl_unregister_mc_group(family, grp);
 	genl_unlock();
 }
 
@@ -232,8 +238,10 @@ static void genl_unregister_mc_groups(st
 {
 	struct genl_multicast_group *grp, *tmp;
 
+	genl_lock();
 	list_for_each_entry_safe(grp, tmp, &family->mcast_groups, list)
-		genl_unregister_mc_group(family, grp);
+		__genl_unregister_mc_group(family, grp);
+	genl_unlock();
 }
 
 /**

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [REPOST][GENETLINK]: Fix race in genl_unregister_mc_groups()
  2007-07-24 21:52 ` [REPOST][GENETLINK]: " Thomas Graf
@ 2007-07-24 22:32   ` David Miller
  0 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2007-07-24 22:32 UTC (permalink / raw)
  To: tgraf; +Cc: johannes, netdev

From: Thomas Graf <tgraf@suug.ch>
Date: Tue, 24 Jul 2007 23:52:57 +0200

> family->mcast_groups is protected by genl_lock so it must
> be held while accessing the list in genl_unregister_mc_groups().
> Requires adding a non-locking variant of genl_unregister_mc_group().
> 
> Signed-off-by: Thomas Graf <tgraf@suug.ch>

Applied, thanks Thomas.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2007-07-24 22:32 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-24  9:45 [GENETLINK]: Fix race in genl_unregister_mc_groups() Thomas Graf
2007-07-24 16:14 ` Brian Haley
2007-07-24 21:51   ` Thomas Graf
2007-07-24 21:52 ` [REPOST][GENETLINK]: " Thomas Graf
2007-07-24 22:32   ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).