[IPSEC]: Temporarily remove locks around copying of non-atomic fields
authorHerbert Xu <herbert@gondor.apana.org.au>
Mon, 26 Nov 2007 11:07:34 +0000 (19:07 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 26 Nov 2007 11:07:34 +0000 (19:07 +0800)
The change 050f009e16f908932070313c1745d09dc69fd62b

[IPSEC]: Lock state when copying non-atomic fields to user-space

caused a regression.

Ingo Molnar reports that it causes a potential dead-lock found by the
lock validator as it tries to take x->lock within xfrm_state_lock while
numerous other sites take the locks in opposite order.

For 2.6.24, the best fix is to simply remove the added locks as that puts
us back in the same state as we've been in for years.  For later kernels
a proper fix would be to reverse the locking order for every xfrm state
user such that if x->lock is taken together with xfrm_state_lock then
it is to be taken within it.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
net/key/af_key.c
net/xfrm/xfrm_user.c

index 3b2d864ab942c15159470264ce07aa586dc94966..878039b9557dddae70eddd32a342fed056261581 100644 (file)
@@ -1015,9 +1015,7 @@ static inline struct sk_buff *pfkey_xfrm_state2msg(struct xfrm_state *x)
 {
        struct sk_buff *skb;
 
-       spin_lock_bh(&x->lock);
        skb = __pfkey_xfrm_state2msg(x, 1, 3);
-       spin_unlock_bh(&x->lock);
 
        return skb;
 }
index d41588d101d01db756f5db3a1cd40d6e783883a9..e75dbdcb08a49674b846f2ce14b02598b2ba6b3e 100644 (file)
@@ -507,7 +507,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
                                    struct xfrm_usersa_info *p,
                                    struct sk_buff *skb)
 {
-       spin_lock_bh(&x->lock);
        copy_to_user_state(x, p);
 
        if (x->coaddr)
@@ -515,7 +514,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
 
        if (x->lastused)
                NLA_PUT_U64(skb, XFRMA_LASTUSED, x->lastused);
-       spin_unlock_bh(&x->lock);
 
        if (x->aalg)
                NLA_PUT(skb, XFRMA_ALG_AUTH, alg_len(x->aalg), x->aalg);