diff options
author | Johannes Berg <johannes@sipsolutions.net> | 2009-09-24 15:44:05 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2009-09-24 15:44:05 -0700 |
commit | b8273570f802a7658827dcb077b0b517ba75a289 (patch) | |
tree | 06fcee4433089cdb16504f40b1975ebbdf69e241 /net/netlink/genetlink.c | |
parent | 704cc92e9ffe29458ea8831ae097c631b1160c01 (diff) | |
download | linux-b8273570f802a7658827dcb077b0b517ba75a289.tar.bz2 |
genetlink: fix netns vs. netlink table locking (2)
Similar to commit d136f1bd366fdb7e747ca7e0218171e7a00a98a5,
there's a bug when unregistering a generic netlink family,
which is caught by the might_sleep() added in that commit:
BUG: sleeping function called from invalid context at net/netlink/af_netlink.c:183
in_atomic(): 1, irqs_disabled(): 0, pid: 1510, name: rmmod
2 locks held by rmmod/1510:
#0: (genl_mutex){+.+.+.}, at: [<ffffffff8138283b>] genl_unregister_family+0x2b/0x130
#1: (rcu_read_lock){.+.+..}, at: [<ffffffff8138270c>] __genl_unregister_mc_group+0x1c/0x120
Pid: 1510, comm: rmmod Not tainted 2.6.31-wl #444
Call Trace:
[<ffffffff81044ff9>] __might_sleep+0x119/0x150
[<ffffffff81380501>] netlink_table_grab+0x21/0x100
[<ffffffff813813a3>] netlink_clear_multicast_users+0x23/0x60
[<ffffffff81382761>] __genl_unregister_mc_group+0x71/0x120
[<ffffffff81382866>] genl_unregister_family+0x56/0x130
[<ffffffffa0007d85>] nl80211_exit+0x15/0x20 [cfg80211]
[<ffffffffa000005a>] cfg80211_exit+0x1a/0x40 [cfg80211]
Fix in the same way by grabbing the netlink table lock
before doing rcu_read_lock().
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netlink/genetlink.c')
-rw-r--r-- | net/netlink/genetlink.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c index 566941e03363..44ff3f3810fa 100644 --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -220,10 +220,12 @@ static void __genl_unregister_mc_group(struct genl_family *family, struct net *net; BUG_ON(grp->family != family); + netlink_table_grab(); rcu_read_lock(); for_each_net_rcu(net) - netlink_clear_multicast_users(net->genl_sock, grp->id); + __netlink_clear_multicast_users(net->genl_sock, grp->id); rcu_read_unlock(); + netlink_table_ungrab(); clear_bit(grp->id, mc_groups); list_del(&grp->list); |