On Thu, Jun 20, 2002 at 07:13:48PM +0000, Jason Lunz wrote:
> I can't understand why br_handle_frame() starts like this:
>
> void br_handle_frame(struct sk_buff *skb)
> {
> struct net_bridge *br;
> unsigned char *dest;
> struct net_bridge_port *p;
>
> dest = skb->mac.ethernet->h_dest;
>
> p = skb->dev->br_port;
> if (p == NULL)
> goto err_nolock;
>
> br = p->br;
> read_lock(&br->lock);
> if (skb->dev->br_port == NULL)
> goto err;
>
> Is there a reason for the last if? skb->dev->br_port was just
> dereferenced two lines earlier; if it was NULL we would have oopsed
> already. Or am I missing something?
dev->br_port is protected under the bridge lock. It can happen
that another processor detaches this device while we spin for
the lock, so we need to re-test it.
Of course, the above code still contains a race condition, as
someone could remove the bridge device altogether while we spin.
Probably the best solution for this is to do this detaching via
net_call_rx_atomic. Added to the TODO list.
cheers,
Lennert
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
