From 3f03e387893ffa07a4d5dac96772f9db3221a185 Mon Sep 17 00:00:00 2001 From: Pavel Emelyanov Date: Tue, 11 Dec 2007 02:41:25 -0800 Subject: [PATCH] [VLAN]: Fix potential race in vlan_cleanup_module vs vlan_ioctl_handler. The vlan module cleanup function starts with vlan_netlink_fini(); vlan_ioctl_set(NULL); The first call removes all the vlan devices and the second one closes the vlan ioctl. AFAIS there's a tiny race window between these two calls - after rtnl unregistered all the vlans, but the ioctl handler isn't set to NULL yet, user can manage to call this ioctl and create one vlan device, and that this function will later BUG_ON seeing non-emply hashes. I think, that we must first close the vlan ioctl and only after this remove all the vlans with the vlan_netlink_fini() call. Signed-off-by: Pavel Emelyanov Acked-by: Patrick McHardy Signed-off-by: David S. Miller --- net/8021q/vlan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index 5b183156307a..4add9bd4bc8d 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c @@ -124,8 +124,8 @@ static void __exit vlan_cleanup_module(void) { int i; - vlan_netlink_fini(); vlan_ioctl_set(NULL); + vlan_netlink_fini(); /* Un-register us from receiving netdevice events */ unregister_netdevice_notifier(&vlan_notifier_block); -- 2.30.2