On Tue, 2007-07-03 at 16:11 +0200, Patrick McHardy wrote:

> >>>-  nlk->groups = kzalloc(NLGRPSZ(groups), GFP_KERNEL);
> >>>-  if (nlk->groups == NULL)
> >>>+  if (nlk->ngroups >= groups)
> >>>+          return 0;
> >>>+
> >>>+  new_groups = krealloc(nlk->groups, NLGRPSZ(groups), GFP_KERNEL);
> >>>+  if (new_groups == NULL)
> >>>           return -ENOMEM;
> >>>+  memset((char*)new_groups + NLGRPSZ(nlk->ngroups), 0,
> >>>+         NLGRPSZ(groups) - NLGRPSZ(nlk->ngroups));
> >>>+  nlk->groups = new_groups;
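
Review bot: the krealloc() call and the later `nlk->groups = new_groups;` store run with no lock visible in this hunk, so when krealloc() moves the buffer it frees the old one while nlk->groups still points at it, and a reader that checks nlk->groups in that window touches freed memory. Do the krealloc(), the memset() and the pointer store inside one critical section under the table lock that the broadcast path takes, and check that GFP_KERNEL is still permitted in that context. The hunk also does not show nlk->ngroups being updated; if it is set after these lines, it should change in the same critical section as nlk->groups so the size and the pointer are never seen out of step.
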
> >>
> >>
> >>This should probably happen with the table grabbed to avoid races
> >>with concurrent broadcasts.
> > 
> > 
> > Hmm, possibly, I'll have to look again.
> 
> 
> do_one_broadcast locks the table and checks nlk->groups. The
> reallocation races with this without taking the lock or maybe
> using rcu.

Yeah, sounds about right, but since we lock the table anyway I see
little use in using RCU here. I'll look into it and also double-check
the first hunk of this patch.

johannes
