summaryrefslogtreecommitdiffstats
path: root/ipc
diff options
context:
space:
mode:
authorAlexey Kuznetsov <kuznet@ms2.inr.ac.ru>2006-02-09 16:40:11 -0800
committerDavid S. Miller <davem@sunset.davemloft.net>2006-02-09 16:43:38 -0800
commita70ea994a0d83fd0151a070be72b87d014ef0a7e (patch)
tree40e3bf28a3fa36f20b4625c241ca14abb0c1a00d /ipc
parentad91e6fa0d331e419e4692d146cdc04e594a5bea (diff)
downloadkernel-crypto-a70ea994a0d83fd0151a070be72b87d014ef0a7e.tar.gz
kernel-crypto-a70ea994a0d83fd0151a070be72b87d014ef0a7e.tar.xz
kernel-crypto-a70ea994a0d83fd0151a070be72b87d014ef0a7e.zip
[NETLINK]: Fix a severe bug
netlink overrun was broken while improvement of netlink. Destination socket is used in the place where it was meant to be source socket, so that now overrun is never sent to user netlink sockets, when it should be, and it even can be set on kernel socket, which results in complete deadlock of rtnetlink. Suggested fix is to restore status quo passing source socket as additional argument to netlink_attachskb(). A little explanation: overrun is set on a socket, when it failed to receive some message and sender of this messages does not or even have no way to handle this error. This happens in two cases: 1. when kernel sends something. Kernel never retransmits and cannot wait for buffer space. 2. when user sends a broadcast and the message was not delivered to some recipients. Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'ipc')
-rw-r--r--ipc/mqueue.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 59302fc3643..fd2e26b6f96 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -1018,7 +1018,8 @@ retry:
goto out;
}
- ret = netlink_attachskb(sock, nc, 0, MAX_SCHEDULE_TIMEOUT);
+ ret = netlink_attachskb(sock, nc, 0,
+ MAX_SCHEDULE_TIMEOUT, NULL);
if (ret == 1)
goto retry;
if (ret) {