• Frank Filz's avatar
    [NET]: Fix module reference counts for loadable protocol modules · a79af59e
    Frank Filz authored
    I have been experimenting with loadable protocol modules, and ran into
    several issues with module reference counting.
    
    The first issue was that __module_get failed at the BUG_ON check at
    the top of the routine (checking that my module reference count was
    not zero) when I created the first socket. When sk_alloc() is called,
    my module reference count was still 0. When I looked at why sctp
    didn't have this problem, I discovered that sctp creates a control
    socket during module init (when the module ref count is not 0), which
    keeps the reference count non-zero. This section has been updated to
    address the point Stephen raised about checking the return value of
    try_module_get().
    
    The next problem arose when my socket init routine returned an error.
    This resulted in my module reference count being decremented below 0.
    My socket ops->release routine was also being called. The issue here
    is that sock_release() calls the ops->release routine and decrements
    the ref count if sock->ops is not NULL. Since the socket probably
    didn't get correctly initialized, this should not be done, so we will
    set sock->ops to NULL because we will not call try_module_get().
    
    While searching for another bug, I also noticed that sys_accept() has
    a possibility of doing a module_put() when it did not do an
    __module_get so I re-ordered the call to security_socket_accept().
    Signed-off-by: default avatarFrank Filz <ffilzlnx@us.ibm.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    a79af59e
socket.c 49.1 KB