From: Eric Dumazet <eric.duma...@gmail.com>
Date: Fri, 25 Mar 2016 15:15:15 -0700
> From: Eric Dumazet <eduma...@google.com>
>
> Blocking BH in __inet{6}_lookup() is not correct, as the lookups
> are done using RCU protection.
>
> It matters only starting from Lorenzo Colitti patches to destroy
> a TCP socket, since rcu_read_lock() is already held by other users
> of these functions.
>
> This can be backported to all known stable versions, since TCP got RCU
> lookups back in 2.6.29 : Even if iproute2 contained no code to trigger
> the bug, some user programs could have used the API.
>
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: Lorenzo Colitti <lore...@google.com>
This is quite the maze of RCU locking here. With this change,
inet_lookup is now:
rcu_read_lock();
sk = x(); {
rcu_read_lock();
...
rcu_read_unlock();
}
if (!sk) {
sk = y(); {
rcu_read_lock();
...
rcu_read_unlock();
}
}
rcu_read_unlock();
It would seem to me that we should bubble up the rcu locking calls.
If, as you say, the other users do RCU locking already, then it should
be safe to do what your patch is doing and also remove the RCU locking
done by __inet_lookup_established() and __inet_lookup_listener().
