ipv6 flowlabel: Ensure to take lock when modifying np->ip6_sk_fl_list.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c
index 29124b7..5d767f1 100644
--- a/net/ipv6/ip6_flowlabel.c
+++ b/net/ipv6/ip6_flowlabel.c
@@ -255,10 +255,19 @@
struct ipv6_pinfo *np = inet6_sk(sk);
struct ipv6_fl_socklist *sfl;
- while ((sfl = np->ipv6_fl_list) != NULL) {
- np->ipv6_fl_list = sfl->next;
+ if (!np->ipv6_fl_list)
+ return;
+
+ write_lock_bh(&ipv6_sk_fl_lock);
+ sfl = np->ipv6_fl_list;
+ np->ipv6_fl_list = NULL;
+ write_unlock_bh(&ipv6_sk_fl_lock);
+
+ while (sfl) {
+ struct ipv6_fl_socklist *next = sfl->next;
fl_release(sfl->fl);
kfree(sfl);
+ sfl = next;
}
}