On Tue, Mar 14, 2017 at 8:03 AM, Paolo Abeni <pab...@redhat.com> wrote:
> I'm wondering if we really need to keep the fragment queue lock held
> while sending the icmp packet ? we hold a reference to the struct, so
> it can't be deleted, and AFAICS after ipq_kill() nobody else could
> access/modify that queue.
>
> That lock is there pretty much forever, but perhaps is only a leftover
> and we can release it just after ipq_kill() ?

Maybe, but for peace of mind I would make sure this code path owns the
skb (head) before releasing the lock.

Seems something to try for net-next ?