From: Pavel Emelyanov Date: Tue, 11 Dec 2007 10:41:25 +0000 (-0800) Subject: [VLAN]: Fix potential race in vlan_cleanup_module vs vlan_ioctl_handler. X-Git-Tag: firefly_0821_release~24039 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=3f03e387893ffa07a4d5dac96772f9db3221a185;p=firefly-linux-kernel-4.4.55.git [VLAN]: Fix potential race in vlan_cleanup_module vs vlan_ioctl_handler. The vlan module cleanup function starts with vlan_netlink_fini(); vlan_ioctl_set(NULL); The first call removes all the vlan devices and the second one closes the vlan ioctl. AFAIS there's a tiny race window between these two calls - after rtnl unregistered all the vlans, but the ioctl handler isn't set to NULL yet, user can manage to call this ioctl and create one vlan device, and that this function will later BUG_ON seeing non-emply hashes. I think, that we must first close the vlan ioctl and only after this remove all the vlans with the vlan_netlink_fini() call. Signed-off-by: Pavel Emelyanov Acked-by: Patrick McHardy Signed-off-by: David S. Miller --- diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index 5b183156307a..4add9bd4bc8d 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c @@ -124,8 +124,8 @@ static void __exit vlan_cleanup_module(void) { int i; - vlan_netlink_fini(); vlan_ioctl_set(NULL); + vlan_netlink_fini(); /* Un-register us from receiving netdevice events */ unregister_netdevice_notifier(&vlan_notifier_block);