aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorDenis V. Lunev <den@openvz.org>2008-01-18 23:55:19 -0800
committerDavid S. Miller <davem@davemloft.net>2008-01-28 15:08:08 -0800
commit775516bfa2bd7993620c9039191a0c30b8d8a496 (patch)
tree7385f35edda9f4124b802ccf337c55070d2e00bc /net/ipv4
parentb7c6ba6eb1234e35a74fb8ba8123232a7b1ba9e4 (diff)
downloadkernel_goldelico_gta04-775516bfa2bd7993620c9039191a0c30b8d8a496.zip
kernel_goldelico_gta04-775516bfa2bd7993620c9039191a0c30b8d8a496.tar.gz
kernel_goldelico_gta04-775516bfa2bd7993620c9039191a0c30b8d8a496.tar.bz2
[NETNS]: Namespace stop vs 'ip r l' race.
During network namespace stop process kernel side netlink sockets belonging to a namespace should be closed. They should not prevent namespace to stop, so they do not increment namespace usage counter. Though this counter will be put during last sock_put. The raplacement of the correct netns for init_ns solves the problem only partial as socket to be stoped until proper stop is a valid netlink kernel socket and can be looked up by the user processes. This is not a problem until it resides in initial namespace (no processes inside this net), but this is not true for init_net. So, hold the referrence for a socket, remove it from lookup tables and only after that change namespace and perform a last put. Signed-off-by: Denis V. Lunev <den@openvz.org> Tested-by: Alexey Dobriyan <adobriyan@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/fib_frontend.c7
1 files changed, 1 insertions, 6 deletions
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index e787d21..62bd791 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -869,19 +869,14 @@ static int nl_fib_lookup_init(struct net *net)
nl_fib_input, NULL, THIS_MODULE);
if (sk == NULL)
return -EAFNOSUPPORT;
- /* Don't hold an extra reference on the namespace */
- put_net(sk->sk_net);
net->ipv4.fibnl = sk;
return 0;
}
static void nl_fib_lookup_exit(struct net *net)
{
- /* At the last minute lie and say this is a socket for the
- * initial network namespace. So the socket will be safe to free.
- */
- net->ipv4.fibnl->sk_net = get_net(&init_net);
netlink_kernel_release(net->ipv4.fibnl);
+ net->ipv4.fibnl = NULL;
}
static void fib_disable_ip(struct net_device *dev, int force)