On Wed, Sep 26, 2012 at 05:42:31PM +0800, Gao feng wrote:
> Hi Pablo:
>
> 于 2012年09月26日 17:26, Pablo Neira Ayuso 写道:
> > On Wed, Sep 26, 2012 at 04:41:21PM +0800, Gao feng wrote:
> >> use proper netlink_dump_control.done and .module to avoid panic.
> >>
> >> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> >> ---
> >> net/netfilter/nf_conntrack_netlink.c | 8 ++++++++
> >> 1 files changed, 8 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
> >> index 9807f32..509a257 100644
> >> --- a/net/netfilter/nf_conntrack_netlink.c
> >> +++ b/net/netfilter/nf_conntrack_netlink.c
> >> @@ -706,6 +706,7 @@ static int ctnetlink_done(struct netlink_callback *cb)
> >> nf_ct_put((struct nf_conn *)cb->args[1]);
> >> if (cb->data)
> >> kfree(cb->data);
> >> + netlink_dump_done(cb);
> >
> > I think you can call netlink_dump_done from af_netlink.c:
> >
> > static int netlink_dump(struct sock *sk)
> > ...
> > if (cb->done) {
> > cb->done(cb);
> > netlink_dump_done(...);
> > }
> >
> > Thus, you don't need to change netlink_dump_control in every netlink
> > subsystem.
>
> because cb->done is called by netlink_sock_destruct too,it's very usefully
> when userspace program only send dump request to kernel without reading
> data from kernel.
Then add that to netlink_sock_destruct as well. If possible, I prefer
if this remains in the netlink core to avoid leaking module refcount
if you forget to call netlink_dump_done.
> >
> >> return 0;
> >> }
> >>
> >> @@ -1022,6 +1023,7 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
> >> struct netlink_dump_control c = {
> >> .dump = ctnetlink_dump_table,
> >> .done = ctnetlink_done,
> >> + .module = THIS_MODULE,
> >
> > You can do something similar to:
> >
> > 9f00d97 netlink: hide struct module parameter in netlink_kernel_create
> >
> > by definiting netlink_dump_start as static inline and using
> > THIS_MODULE from there.
> >
> > If I'm not missing anything, with those two changes, you will not need
> > to modify any caller and it will result one single patch.
> >
>
> You can see the patch [11/11], THIS_MODULE in infiniband/core/cma.c
> means module rdma_cm,but we call netlink_dump_start in infiniband/core/netlink.c
You can still use __netlink_dump_start for that case, which allows you
to specify a custom struct module * parameter. But for most cases,
netlink_dump_start (which hides THIS_MODULE) should be fine.
> we should make sure the cb.moudle point to the module which cb.dump belongs to.
> we can call netlink_dump_start to set cb->dump everywhere, so I think we still
> need to pass struct module to the netlink_callback.
>
> thanks for your comments!
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
