From: Jarek Poplawski Date: Tue, 30 Jun 2009 19:47:19 +0000 (-0700) Subject: ipv4: Fix fib_trie rebalancing, part 3 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=008440e3ad4b72f5048d1b1f6f5ed894fdc5ad08;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git ipv4: Fix fib_trie rebalancing, part 3 Alas current delaying of freeing old tnodes by RCU in trie_rebalance is still not enough because we can free a top tnode before updating a t->trie pointer. Reported-by: Pawel Staszewski Tested-by: Pawel Staszewski Signed-off-by: Jarek Poplawski Signed-off-by: David S. Miller --- diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index 012cf5a68581..00a54b246dfe 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c @@ -1021,6 +1021,9 @@ static void trie_rebalance(struct trie *t, struct tnode *tn) (struct node *)tn, wasfull); tp = node_parent((struct node *) tn); + if (!tp) + rcu_assign_pointer(t->trie, (struct node *)tn); + tnode_free_flush(); if (!tp) break;