diff options
author | Thomas Graf <tgraf@suug.ch> | 2012-06-14 23:00:17 +0000 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-06-15 15:30:15 -0700 |
commit | 2a0c451ade8e1783c5d453948289e4a978d417c9 (patch) | |
tree | 136dbbaf024f45200848ec371368668872545a2e /include | |
parent | 0f6efff92524c65fc3ef41c8b936c526580f1db0 (diff) | |
download | linux-2a0c451ade8e1783c5d453948289e4a978d417c9.tar.gz linux-2a0c451ade8e1783c5d453948289e4a978d417c9.tar.bz2 linux-2a0c451ade8e1783c5d453948289e4a978d417c9.zip |
ipv6: Prevent access to uninitialized fib_table_hash via /proc/net/ipv6_route
/proc/net/ipv6_route reflects the contents of fib_table_hash. The proc
handler is installed in ip6_route_net_init() whereas fib_table_hash is
allocated in fib6_net_init() _after_ the proc handler has been installed.
This opens up a short time frame to access fib_table_hash with its pants
down.
fib6_init() as a whole can't be moved to an earlier position as it also
registers the rtnetlink message handlers which should be registered at
the end. Therefore split it into fib6_init() which is run early and
fib6_init_late() to register the rtnetlink message handlers.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Reviewed-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/ip6_fib.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/ip6_fib.h b/include/net/ip6_fib.h index 0ae759a6c76e..209af13b0336 100644 --- a/include/net/ip6_fib.h +++ b/include/net/ip6_fib.h @@ -271,6 +271,8 @@ extern void fib6_run_gc(unsigned long expires, extern void fib6_gc_cleanup(void); extern int fib6_init(void); +extern int fib6_init_late(void); +extern void fib6_cleanup_late(void); #ifdef CONFIG_IPV6_MULTIPLE_TABLES extern int fib6_rules_init(void); |