Commit:     8cf8e5a67fb07f583aac94482ba51a7930dab493
Parent:     406a1d868001423c85a3165288e566e65f424fe6
Author:     Arnaldo Carvalho de Melo <[EMAIL PROTECTED]>
AuthorDate: Mon Jan 28 20:52:12 2008 -0800
Committer:  David S. Miller <[EMAIL PROTECTED]>
CommitDate: Thu Jan 31 19:27:08 2008 -0800

    [INET_DIAG]: Fix inet_diag_lock_handler error path.
    The inet_diag_lock_handler function uses ERR_PTR to encode errors but
    its callers were testing against NULL.
    This only happens when the only inet_diag modular user, DCCP, is not
    built into the kernel or available as a module.
    Also there was a problem with not dropping the mutex lock when a handler
    was not found, also fixed in this patch.
    This caused an OOPS and ss would then hang on subsequent calls, as
    &inet_diag_table_mutex was being left locked.
    Thanks to spike at for report it after trying 'ss -d'
    on a kernel that doesn't have DCCP available.
    This bug was introduced in cset
    d523a328fb0271e1a763e985a21f2488fd816e7e ("Fix inet_diag dead-lock
    regression"), after 2.6.24-rc3, so just 2.6.24 seems to be affected.
    Signed-off-by: Arnaldo Carvalho de Melo <[EMAIL PROTECTED]>
    Acked-by: Herbert Xu <[EMAIL PROTECTED]>
    Signed-off-by: David S. Miller <[EMAIL PROTECTED]>
 net/ipv4/inet_diag.c |   11 ++++++-----
 1 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 605ed2c..4cfb15c 100644
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -259,8 +259,10 @@ static int inet_diag_get_exact(struct sk_buff *in_skb,
        const struct inet_diag_handler *handler;
        handler = inet_diag_lock_handler(nlh->nlmsg_type);
-       if (!handler)
-               return -ENOENT;
+       if (IS_ERR(handler)) {
+               err = PTR_ERR(handler);
+               goto unlock;
+       }
        hashinfo = handler->idiag_hashinfo;
        err = -EINVAL;
@@ -708,8 +710,8 @@ static int inet_diag_dump(struct sk_buff *skb, struct 
netlink_callback *cb)
        struct inet_hashinfo *hashinfo;
        handler = inet_diag_lock_handler(cb->nlh->nlmsg_type);
-       if (!handler)
-               goto no_handler;
+       if (IS_ERR(handler))
+               goto unlock;
        hashinfo = handler->idiag_hashinfo;
@@ -838,7 +840,6 @@ done:
        cb->args[2] = num;
        return skb->len;
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to