> On Thu, 21 Jun 2001, Rusty Russell wrote:
>
> > Disagree. A significant percentage of the netfilter bugs have been
> > SMP only (the whole thing is non-reentrant on UP).
>
> I really doubt it. <looking through the thing> <raised brows>
> Well, if you use GFP_ATOMIC for everything... grep...
> Erm... AFAICS, you call create_chain() with interrupts disabled
> (under write_lock_irq_save()). Unless I'm _very_ mistaken,
> kmalloc(..., GFP_KERNEL) is a Bad Thing(tm) in that situation.
> And create_chain() leads to it.
That's the old ipchains code; if it's buggy it's likely buggy in 2.2
too. In fact 2.2 ip_fw.c has exactly the same problem (and also a panic
on OOM)
iptables is supposed to be somewhat better (that's the new code), with
cleaner locking.
-Andi, wondering why the Stanford Checker didn't catch that.
P.S.: Could you please always change the subject in future when going
from slashdot niveau material to real kernel bugs on l-k. thanks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/