[NET]: Fix sk->sk_filter field access

Function sk_filter() is called from tcp_v{4,6}_rcv() functions with arg needlock = 0, while socket is not locked at that moment. In order to avoid this and similar issues in the future, use rcu for sk->sk_filter field read protection. Signed-off-by: Dmitry Mishin <dim@openvz.org> Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: Kirill Korotaev <dev@openvz.org>
author: Dmitry Mishin <dim@openvz.org> 2006-08-31 15:28:39 -0700
committer: David S. Miller <davem@sunset.davemloft.net> 2006-09-22 15:18:47 -0700
commit: fda9ef5d679b07c9d9097aaf6ef7f069d794a8f9 (patch)
tree: 6a265dc2038bc5568c5a499e6c8d4733650ed3f7 /net/core/filter.c
parent: dc435e6dac1439340eaeceef84022c4e4749796d (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/net/core/filter.c b/net/core/filter.c
index 5b4486a60cf..6732782a5a4 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -422,10 +422,10 @@ int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk)
 	if (!err) {
 		struct sk_filter *old_fp;
 
-		spin_lock_bh(&sk->sk_lock.slock);
-		old_fp = sk->sk_filter;
-		sk->sk_filter = fp;
-		spin_unlock_bh(&sk->sk_lock.slock);
+		rcu_read_lock_bh();
+		old_fp = rcu_dereference(sk->sk_filter);
+		rcu_assign_pointer(sk->sk_filter, fp);
+		rcu_read_unlock_bh();
 		fp = old_fp;
 	}
author	Dmitry Mishin <dim@openvz.org>	2006-08-31 15:28:39 -0700
committer	David S. Miller <davem@sunset.davemloft.net>	2006-09-22 15:18:47 -0700
commit	fda9ef5d679b07c9d9097aaf6ef7f069d794a8f9 (patch)
tree	6a265dc2038bc5568c5a499e6c8d4733650ed3f7 /net/core/filter.c
parent	dc435e6dac1439340eaeceef84022c4e4749796d (diff)