* [PATCH 2.6 PKT_SCHED]: Fix scheduler/classifier module unload race
@ 2004-11-07 22:41 Patrick McHardy
2004-11-10 5:46 ` David S. Miller
0 siblings, 1 reply; 2+ messages in thread
From: Patrick McHardy @ 2004-11-07 22:41 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev
[-- Attachment #1: Type: text/plain, Size: 268 bytes --]
This patch fixes an scheduler/classifier module unload race.
struct Qdisc_ops which includes the owner field is also part
of the module's memory, so ops might already be freed when
try_module_get(ops->owner) is called outside of the locked
section.
Regards
Patrick
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 2062 bytes --]
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/11/07 05:03:11+01:00 kaber@coreworks.de
# [PKT_SCHED]: Fix scheduler/classifier module unload race
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
#
# net/sched/sch_api.c
# 2004/11/07 05:03:04+01:00 kaber@coreworks.de +4 -4
# [PKT_SCHED]: Fix scheduler/classifier module unload race
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
#
# net/sched/cls_api.c
# 2004/11/07 05:03:04+01:00 kaber@coreworks.de +4 -6
# [PKT_SCHED]: Fix scheduler/classifier module unload race
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
#
diff -Nru a/net/sched/cls_api.c b/net/sched/cls_api.c
--- a/net/sched/cls_api.c 2004-11-07 23:32:50 +01:00
+++ b/net/sched/cls_api.c 2004-11-07 23:32:50 +01:00
@@ -60,8 +60,11 @@
if (kind) {
read_lock(&cls_mod_lock);
for (t = tcf_proto_base; t; t = t->next) {
- if (rtattr_strcmp(kind, t->kind) == 0)
+ if (rtattr_strcmp(kind, t->kind) == 0) {
+ if (!try_module_get(t->owner))
+ t = NULL;
break;
+ }
}
read_unlock(&cls_mod_lock);
}
@@ -231,11 +234,6 @@
tp->q = q;
tp->classify = tp_ops->classify;
tp->classid = parent;
- err = -EBUSY;
- if (!try_module_get(tp_ops->owner)) {
- kfree(tp);
- goto errout;
- }
if ((err = tp_ops->init(tp)) != 0) {
module_put(tp_ops->owner);
kfree(tp);
diff -Nru a/net/sched/sch_api.c b/net/sched/sch_api.c
--- a/net/sched/sch_api.c 2004-11-07 23:32:50 +01:00
+++ b/net/sched/sch_api.c 2004-11-07 23:32:50 +01:00
@@ -229,8 +229,11 @@
if (kind) {
read_lock(&qdisc_mod_lock);
for (q = qdisc_base; q; q = q->next) {
- if (rtattr_strcmp(kind, q->id) == 0)
+ if (rtattr_strcmp(kind, q->id) == 0) {
+ if (!try_module_get(q->owner))
+ q = NULL;
break;
+ }
}
read_unlock(&qdisc_mod_lock);
}
@@ -408,9 +411,6 @@
err = -EINVAL;
if (ops == NULL)
- goto err_out;
- err = -EBUSY;
- if (!try_module_get(ops->owner))
goto err_out;
/* ensure that the Qdisc and the private data are 32-byte aligned */
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH 2.6 PKT_SCHED]: Fix scheduler/classifier module unload race
2004-11-07 22:41 [PATCH 2.6 PKT_SCHED]: Fix scheduler/classifier module unload race Patrick McHardy
@ 2004-11-10 5:46 ` David S. Miller
0 siblings, 0 replies; 2+ messages in thread
From: David S. Miller @ 2004-11-10 5:46 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netdev
On Sun, 07 Nov 2004 23:41:27 +0100
Patrick McHardy <kaber@trash.net> wrote:
> This patch fixes an scheduler/classifier module unload race.
> struct Qdisc_ops which includes the owner field is also part
> of the module's memory, so ops might already be freed when
> try_module_get(ops->owner) is called outside of the locked
> section.
Applied, thanks a lot Patrick.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-11-10 5:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-07 22:41 [PATCH 2.6 PKT_SCHED]: Fix scheduler/classifier module unload race Patrick McHardy
2004-11-10 5:46 ` David S. Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).