[IPV6]: ipv6_add_addr should install dstentry earlier ipv6_add_addr allocates a struct inet6_ifaddr and a dstentry, but it doesn't install the dstentry in ifa->rt until after it releases the addrconf_hash_lock. This means other CPUs will be able to see the new address while it hasn't been initialized completely yet. One possible fix would be to grab the ifp->lock spinlock when creating the address struct; a simpler fix is to just move the assignment. Acked-by: jbeulich@novell.com Acked-by: okir@suse.de Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 57f5f544f58ffa1d6c38630d0522c9c0be67c533 [log] [tgz]
author: Keir Fraser <keir.fraser@cl.cam.ac.uk> Tue Aug 29 02:43:49 2006 -0700
committer: David S. Miller <davem@sunset.davemloft.net> Tue Aug 29 21:22:18 2006 -0700
tree: c47651ea2300b28e11d6898f67f73eab41a9423b
parent: fab2caf62ed03d83bd3a3598b859c3c345a8e8b5 [diff]
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 0c5042e..c7852b3 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c

@@ -578,6 +578,8 @@
 	ifa->flags = flags | IFA_F_TENTATIVE;
 	ifa->cstamp = ifa->tstamp = jiffies;
 
+	ifa->rt = rt;
+
 	ifa->idev = idev;
 	in6_dev_hold(idev);
 	/* For caller */
@@ -603,8 +605,6 @@
 	}
 #endif
 
-	ifa->rt = rt;
-
 	in6_ifa_hold(ifa);
 	write_unlock(&idev->lock);
 out2:
commit	57f5f544f58ffa1d6c38630d0522c9c0be67c533	[log] [tgz]
author	Keir Fraser <keir.fraser@cl.cam.ac.uk>	Tue Aug 29 02:43:49 2006 -0700
committer	David S. Miller <davem@sunset.davemloft.net>	Tue Aug 29 21:22:18 2006 -0700
tree	c47651ea2300b28e11d6898f67f73eab41a9423b
parent	fab2caf62ed03d83bd3a3598b859c3c345a8e8b5 [diff]