[NETLINK] Fix multicast bind/autobind race

To:	"David S. Miller" <davem@xxxxxxxxxxxxx>, netdev@xxxxxxxxxxx
Subject:	[NETLINK] Fix multicast bind/autobind race
From:	Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date:	Mon, 14 Mar 2005 20:44:20 +1100
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mutt/1.5.6+20040907i

Hi Dave:

netlink_autobind has always set nlk_sk(sk)->groups to zero.  This is
unnecessary because sk_alloc already zeroes the entire structure.
Since a socket can only be bound once netlink_autobind doesn't need
to zero groups at all.

This had been safe until I added mc_list.  Now it is possible for
netlink_bind to race against netlink_autobind running on the same
socket on another CPU.  The result would be a socket that's on
mc_list with groups set to zero.  This socket will be left on the
list even after it is destroyed.

The fix is to remove the zeroing in netlink_autobind.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

p
Description: Text document

<Prev in Thread]	Current Thread	[Next in Thread>
[NETLINK] Fix multicast bind/autobind race, Herbert Xu <= Re: [NETLINK] Fix multicast bind/autobind race, David S. Miller Re: [NETLINK] Fix multicast bind/autobind race, Herbert Xu Re: [NETLINK] Fix multicast bind/autobind race, David S. Miller

Previous by Date:	[PATCH] Fix ns82830 driver for x86-64, Andi Kleen
Next by Date:	*[12/] [IPSEC] Handle local_df in IPv4*, Herbert Xu*
Previous by Thread:	[PATCH] Fix ns82830 driver for x86-64, Andi Kleen
Next by Thread:	Re: [NETLINK] Fix multicast bind/autobind race, David S. Miller
Indexes:	[Date] [Thread] [Top] [All Lists]