Jarek Poplawski e0f7cb8c8c ipv4: Fix fib_trie rebalancing
While doing trie_rebalance(): resize(), inflate(), halve() RCU free
tnodes before updating their parents. It depends on RCU delaying the
real destruction, but if RCU readers start after call_rcu() and before
parent update they could access freed memory.

It is currently prevented with preempt_disable() on the update side,
but it's not safe, except maybe classic RCU, plus it conflicts with
memory allocations with GFP_KERNEL flag used from these functions.

This patch explicitly delays freeing of tnodes by adding them to the
list, which is flushed after the update is finished.

Reported-by: Yan Zheng <zheng.yan@oracle.com>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-06-15 02:31:29 -07:00
..
2008-11-25 17:59:27 -08:00
2009-06-03 02:51:04 -07:00
2008-07-16 20:20:11 -07:00
2009-05-18 22:15:58 -07:00
2008-11-25 17:59:27 -08:00
2009-06-15 02:31:29 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-04-28 08:03:26 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:02 -07:00
2008-11-25 17:30:50 -08:00
2009-06-03 02:51:04 -07:00
2009-06-14 03:16:13 -07:00
2009-06-13 23:36:32 -07:00
2008-10-07 08:38:24 +11:00
2009-06-03 02:51:04 -07:00
2009-04-27 02:45:02 -07:00
2008-06-11 21:00:38 -07:00
2009-06-03 02:51:04 -07:00
2008-11-03 18:21:05 -08:00
2009-03-02 03:00:15 -08:00
2009-03-02 03:00:15 -08:00
2009-03-02 03:00:15 -08:00
2009-03-02 03:00:14 -08:00
2009-06-03 02:51:04 -07:00
2009-03-15 20:09:52 -07:00
2009-06-03 02:51:04 -07:00
2009-03-13 16:05:14 -07:00
2009-05-25 22:44:59 -07:00
2009-03-02 03:00:15 -08:00
2009-03-02 03:00:15 -08:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00
2009-06-03 02:51:04 -07:00