| Revision | 43e8df19c830fcb86d4f3577df2f89f766570a43 (tree) |
|---|---|
| Zeit | 2006-10-09 07:21:09 |
| Autor | Patrick McHardy <kaber@tras...> |
| Commiter | Willy Tarreau |
[NETFILTER]: Fix deadlock on NAT helper unload
When a NAT helper is unlocked conntrack/NAT may deadlock because of
the following lock sequence:
.. ip_nat_helper_unregister
-> ip_ct_selective_cleanup
-> get_next_corpse (ip_conntrack_lock)
-> kill_helper (ip_nat_lock)
.. ip_nat_fn (ip_nat_lock)
-> ip_nat_setup_info
-> ip_conntrack_alter_reply (ip_conntrack_lock)
Taking ip_nat_lock in kill_helper() is unnecessary since the helper assigned
to a connection is immutable and new connections can't have the helper that
is beeing unloaded assigned since it is already removed from the global list.
Reported by <doublefacer007@gmail.com>.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ip_nat_helper.c (diff)| @@ -522,13 +522,7 @@ int ip_nat_helper_register(struct ip_nat_helper *me) | ||
| 522 | 522 | static int |
| 523 | 523 | kill_helper(struct ip_conntrack *i, void *helper) |
| 524 | 524 | { |
| 525 | - int ret; | |
| 526 | - | |
| 527 | - READ_LOCK(&ip_nat_lock); | |
| 528 | - ret = (i->nat.info.helper == helper); | |
| 529 | - READ_UNLOCK(&ip_nat_lock); | |
| 530 | - | |
| 531 | - return ret; | |
| 525 | + return (i->nat.info.helper == helper); | |
| 532 | 526 | } |
| 533 | 527 | |
| 534 | 528 | void ip_nat_helper_unregister(struct ip_nat_helper *me) |
Linux Kernel Documents
Fork