netdev
[Top] [All Lists]

Re: [NETLINK] Fix multicast bind/autobind race

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [NETLINK] Fix multicast bind/autobind race
From: "David S. Miller" <davem@xxxxxxxxxxxxx>
Date: Mon, 14 Mar 2005 21:28:45 -0800
Cc: netdev@xxxxxxxxxxx
In-reply-to: <20050314094420.GA15349@xxxxxxxxxxxxxxxxxxx>
References: <20050314094420.GA15349@xxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Mon, 14 Mar 2005 20:44:20 +1100
Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

> netlink_autobind has always set nlk_sk(sk)->groups to zero.  This is
> unnecessary because sk_alloc already zeroes the entire structure.
> Since a socket can only be bound once netlink_autobind doesn't need
> to zero groups at all.
> 
> This had been safe until I added mc_list.  Now it is possible for
> netlink_bind to race against netlink_autobind running on the same
> socket on another CPU.  The result would be a socket that's on
> mc_list with groups set to zero.  This socket will be left on the
> list even after it is destroyed.
> 
> The fix is to remove the zeroing in netlink_autobind.
> 
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Applied, thanks Herbert.

I suspect a 2.4.x version is necessary as well.  Could you cook
one up for me?  Thanks.

<Prev in Thread] Current Thread [Next in Thread>