path: root/net
diff options
authorThomas Graf <tgraf@suug.ch>2014-08-07 00:18:47 +0100
committerDavid S. Miller <davem@davemloft.net>2014-08-06 19:17:44 -0700
commit6c8f7e70837468da4e658080d4448930fb597e1b (patch)
treeb16af5d1fcabe792f0b565d9fca2686cad480efd /net
parent9ea88a153001ffeb3d8810917e8eea62ca9b6f25 (diff)
netlink: hold nl_sock_hash_lock during diag dump
Although RCU protection would be possible during diag dump, doing so allows for concurrent table mutations which can render the in-table offset between individual Netlink messages invalid and thus cause legitimate sockets to be skipped in the dump. Since the diag dump is relatively low volume and consistency is more important than performance, the table mutex is held during dump. Reported-by: Andrey Wagin <avagin@gmail.com> Signed-off-by: Thomas Graf <tgraf@suug.ch> Fixes: e341694e3eb57fc ("netlink: Convert netlink_lookup() to use RCU protected hash table") Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
3 files changed, 5 insertions, 0 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 479a344563d8..a324b4b34c90 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -104,6 +104,7 @@ static atomic_t nl_table_users = ATOMIC_INIT(0);
/* Protects netlink socket hash table mutations */
static int lockdep_nl_sk_hash_is_held(void)
diff --git a/net/netlink/af_netlink.h b/net/netlink/af_netlink.h
index 60f631fb7087..b20a1731759b 100644
--- a/net/netlink/af_netlink.h
+++ b/net/netlink/af_netlink.h
@@ -73,5 +73,6 @@ struct netlink_table {
extern struct netlink_table *nl_table;
extern rwlock_t nl_table_lock;
+extern struct mutex nl_sk_hash_lock;
diff --git a/net/netlink/diag.c b/net/netlink/diag.c
index 7301850eb56f..de8c74a3c061 100644
--- a/net/netlink/diag.c
+++ b/net/netlink/diag.c
@@ -170,6 +170,7 @@ static int netlink_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
req = nlmsg_data(cb->nlh);
+ mutex_lock(&nl_sk_hash_lock);
if (req->sdiag_protocol == NDIAG_PROTO_ALL) {
@@ -183,6 +184,7 @@ static int netlink_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
} else {
if (req->sdiag_protocol >= MAX_LINKS) {
+ mutex_unlock(&nl_sk_hash_lock);
return -ENOENT;
@@ -190,6 +192,7 @@ static int netlink_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
+ mutex_unlock(&nl_sk_hash_lock);
return skb->len;