Commit 013e2f91 authored by Eric Dumazet's avatar Eric Dumazet Committed by Florian Westphal
Browse files

netfilter: nfnetlink_queue: no longer acquire sk_callback_lock 



After commit 983512f3 ("net: Drop the lock in skb_may_tx_timestamp()")
from Sebastian Andrzej Siewior, apply the same logic in
nfqnl_put_sk_uidgid() to avoid touching sk->sk_callback_lock.

Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
parent b297aaef

net/netfilter/nfnetlink_queue.c

+12 −5
Original line number Diff line number Diff line
@@ -545,14 +545,23 @@ nfqnl_put_packet_info(struct sk_buff *nlskb, struct sk_buff *packet, 


static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk)

{

	const struct socket *sock;

	const struct file *file;

	const struct cred *cred;



	if (!sk_fullsock(sk))

		return 0;



	read_lock_bh(&sk->sk_callback_lock);

	if (sk->sk_socket && sk->sk_socket->file) {

		cred = sk->sk_socket->file->f_cred;

	/* The sk pointer remains valid as long as the skb is.

	 * The sk_socket and file pointer may become NULL

	 * if the socket is closed.

	 * Both structures (including file->cred) are RCU freed

	 * which means they can be accessed within a RCU read section.

	 */

	sock = READ_ONCE(sk->sk_socket);

	file = sock ? READ_ONCE(sock->file) : NULL;

	if (file) {

		cred = file->f_cred;

		if (nla_put_be32(skb, NFQA_UID,

		    htonl(from_kuid_munged(&init_user_ns, cred->fsuid))))

			goto nla_put_failure;
@@ -560,11 +569,9 @@ static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk) 
		    htonl(from_kgid_munged(&init_user_ns, cred->fsgid))))

			goto nla_put_failure;

	}

	read_unlock_bh(&sk->sk_callback_lock);

	return 0;



nla_put_failure:

	read_unlock_bh(&sk->sk_callback_lock);

	return -1;

}