On Mon, Mar 14, 2005 at 09:28:45PM -0800, David S. Miller wrote:
>
> I suspect a 2.4.x version is necessary as well. Could you cook
> one up for me? Thanks.

Sure, here it is.

netlink_autobind has always set nlk_sk(sk)->groups to zero. This is
unnecessary because sk_alloc already zeroes the entire structure.
Since a socket can only be bound once, netlink_autobind doesn't need
to zero groups at all.

This had been safe until I added mc_list. Now it is possible for
netlink_bind to race against netlink_autobind running on the same
socket on another CPU. The result would be a socket that's on
mc_list with groups set to zero. This socket will be left on the
list even after it is destroyed.

The fix is to remove the zeroing in netlink_autobind.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
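
The interleaving described in the message above, as an added example that is not part of the original post and is not kernel code: a single-threaded C model that replays one ordering of bind and autobind and reports whether the destroyed socket is still linked. The names `model_sock`, `model_bind`, `model_autobind`, `model_release` and `stale_after_race` are hypothetical, and the model assumes that release unlinks a socket from the list only when its groups field is non-zero.

```c
/* Constructed user-space model, not kernel code. Assumption: release
 * unlinks the socket from mc_list only when groups is non-zero. */
#include <stdbool.h>
#include <stdio.h>

struct model_sock {
    unsigned int groups;  /* multicast group mask, 0 = none */
    bool on_mc_list;      /* stands in for linkage on mc_list */
};

/* bind with a group mask: record it and link the socket. */
static void model_bind(struct model_sock *sk, unsigned int groups)
{
    sk->groups = groups;
    if (groups)
        sk->on_mc_list = true;
}

/* autobind: zero_groups=true models the old code, false the fix. */
static void model_autobind(struct model_sock *sk, bool zero_groups)
{
    if (zero_groups)
        sk->groups = 0;
}

/* release: unlink only if the socket claims group membership. */
static void model_release(struct model_sock *sk)
{
    if (sk->groups)
        sk->on_mc_list = false;
}

/* One fixed interleaving: bind on one CPU completes, then a concurrent
 * autobind on another CPU finishes. Returns true if the destroyed
 * socket is still linked on the list. */
static bool stale_after_race(bool zero_groups)
{
    struct model_sock sk = {0};  /* allocation zeroes the structure */
    model_bind(&sk, 0x1);        /* constructed group mask */
    model_autobind(&sk, zero_groups);
    model_release(&sk);
    return sk.on_mc_list;
}

int main(void)
{
    printf("old autobind: stale=%d\n", stale_after_race(true));
    printf("fixed autobind: stale=%d\n", stale_after_race(false));
    return 0;
}
```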