Re: [PATCH] netfilter: nf_ct_helper: Fix possible panic when nf_conntrack_helper_unregister is used in an unloadable module

[Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>]

On 2019/3/1 16:43, Sergei Shtylyov wrote:
> Hello!
>
> On 01.03.2019 8:56, Su Yanjun wrote:
>
> > From: Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
> >
> > Because nf_conntrack_helper_unregister maybe used in an unloadable 
> > module,
> > it uses 'synchronize_rcu' which may cause kernel panic.
> >
> > According to the artical:
>
> ÂÂ Article?
I got it.
> > RCU and Unloadable Modules
> > https://lwn.net/Articles/217484/
> >
> > When we have a heavy rcu callback load, then some of the callbacks 
> > might be
> > deferred in order to allow other processing to proceed. 
> > sychnorize_rcu does
> > not wait rcu callback complete and module may be unloaded before 
> > callback
> > done.
> >
> > This patch uses rcu_barrier instead of synchronize_rcu will prevent this
> ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ ^ that/which 
> missed?
Yes.
> > situation.
> >
> > Signed-off-by: Su Yanjun <suyj.fnst@xxxxxxxxxxxxxx>
> [...]
>
> MBR, Sergei
Thanks.

Su