On Tue, Oct 06, 2015 at 12:07:28PM +0200, Pablo Neira Ayuso wrote:
> On Tue, Oct 06, 2015 at 11:12:46AM +0900, Ken-ichirou MATSUZAWA wrote:
> > + if (flags & mask & NFQA_CFG_F_CONNTRACK) {
> > + if (!rcu_access_pointer(nfnl_ct_hook))
> > +#ifdef CONFIG_MODULES
> > + if (request_module("ip_conntrack_netlink") ||
>
> nfnl_lock is held while requesting a module, which is something that
> we should avoid. Please, abort the operation and return -EAGAIN to
> retry, this is the usual procedure when requesting other modules.
Thank you as always.
I read another request_module() part and I think I can understand,
would you review it again? I changed rcu_access_pointer() since
rcu_read_lock() is called in nfqnl_recv_config().
I think a few fix seems to be needed at that time, and try to fix
it in the following patches. Would you confirm these too?
Thanks,
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
