Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [DCCP]: Set RTO for newly created child socket [DCCP]: Correctly split CCID half connections [NET]: Fix compat_sock_common_getsockopt typo. [NET]: Revert incorrect accept queue backlog changes. [INET]: twcal_jiffie should be unsigned long, not int [GIANFAR]: Fix compile error in latest git [PPPOE]: Use ifindex instead of device pointer in key lookups. [NETFILTER]: ip6_route_me_harder should take into account mark [NETFILTER]: nfnetlink_log: fix reference counting [NETFILTER]: nfnetlink_log: fix module reference counting [NETFILTER]: nfnetlink_log: fix possible NULL pointer dereference [NETFILTER]: nfnetlink_log: fix NULL pointer dereference [NETFILTER]: nfnetlink_log: fix use after free [NETFILTER]: nfnetlink_log: fix reference leak [NETFILTER]: tcp conntrack: accept SYN|URG as valid [NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs [NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops
This commit is contained in:
commit
5b3c1184e7
28 changed files with 70 additions and 74 deletions
|
@ -1132,7 +1132,7 @@ static void gfar_vlan_rx_kill_vid(struct net_device *dev, uint16_t vid)
|
|||
|
||||
spin_lock_irqsave(&priv->rxlock, flags);
|
||||
|
||||
vlan_group_set_device(priv->vgrp, vid, NULL);
|
||||
vlan_group_set_device(priv->vlgrp, vid, NULL);
|
||||
|
||||
spin_unlock_irqrestore(&priv->rxlock, flags);
|
||||
}
|
||||
|
|
|
@ -140,7 +140,7 @@ static struct pppox_sock *__get_item(unsigned long sid, unsigned char *addr, int
|
|||
|
||||
ret = item_hash_table[hash];
|
||||
|
||||
while (ret && !(cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_dev->ifindex == ifindex))
|
||||
while (ret && !(cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex))
|
||||
ret = ret->next;
|
||||
|
||||
return ret;
|
||||
|
@ -153,7 +153,7 @@ static int __set_item(struct pppox_sock *po)
|
|||
|
||||
ret = item_hash_table[hash];
|
||||
while (ret) {
|
||||
if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) && ret->pppoe_dev->ifindex == po->pppoe_dev->ifindex)
|
||||
if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) && ret->pppoe_ifindex == po->pppoe_ifindex)
|
||||
return -EALREADY;
|
||||
|
||||
ret = ret->next;
|
||||
|
@ -174,7 +174,7 @@ static struct pppox_sock *__delete_item(unsigned long sid, char *addr, int ifind
|
|||
src = &item_hash_table[hash];
|
||||
|
||||
while (ret) {
|
||||
if (cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_dev->ifindex == ifindex) {
|
||||
if (cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex) {
|
||||
*src = ret->next;
|
||||
break;
|
||||
}
|
||||
|
@ -529,7 +529,7 @@ static int pppoe_release(struct socket *sock)
|
|||
|
||||
po = pppox_sk(sk);
|
||||
if (po->pppoe_pa.sid) {
|
||||
delete_item(po->pppoe_pa.sid, po->pppoe_pa.remote, po->pppoe_dev->ifindex);
|
||||
delete_item(po->pppoe_pa.sid, po->pppoe_pa.remote, po->pppoe_ifindex);
|
||||
}
|
||||
|
||||
if (po->pppoe_dev)
|
||||
|
@ -577,7 +577,7 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
|
|||
pppox_unbind_sock(sk);
|
||||
|
||||
/* Delete the old binding */
|
||||
delete_item(po->pppoe_pa.sid,po->pppoe_pa.remote,po->pppoe_dev->ifindex);
|
||||
delete_item(po->pppoe_pa.sid,po->pppoe_pa.remote,po->pppoe_ifindex);
|
||||
|
||||
if(po->pppoe_dev)
|
||||
dev_put(po->pppoe_dev);
|
||||
|
@ -597,6 +597,7 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
|
|||
goto end;
|
||||
|
||||
po->pppoe_dev = dev;
|
||||
po->pppoe_ifindex = dev->ifindex;
|
||||
|
||||
if (!(dev->flags & IFF_UP))
|
||||
goto err_put;
|
||||
|
|
|
@ -114,6 +114,7 @@ struct pppoe_hdr {
|
|||
#ifdef __KERNEL__
|
||||
struct pppoe_opt {
|
||||
struct net_device *dev; /* device associated with socket*/
|
||||
int ifindex; /* ifindex of device associated with socket */
|
||||
struct pppoe_addr pa; /* what this socket is bound to*/
|
||||
struct sockaddr_pppox relay; /* what socket data will be
|
||||
relayed to (PPPoE relaying) */
|
||||
|
@ -132,6 +133,7 @@ struct pppox_sock {
|
|||
unsigned short num;
|
||||
};
|
||||
#define pppoe_dev proto.pppoe.dev
|
||||
#define pppoe_ifindex proto.pppoe.ifindex
|
||||
#define pppoe_pa proto.pppoe.pa
|
||||
#define pppoe_relay proto.pppoe.relay
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ static inline int ip_conntrack_confirm(struct sk_buff **pskb)
|
|||
int ret = NF_ACCEPT;
|
||||
|
||||
if (ct) {
|
||||
if (!is_confirmed(ct))
|
||||
if (!is_confirmed(ct) && !is_dying(ct))
|
||||
ret = __ip_conntrack_confirm(pskb);
|
||||
ip_ct_deliver_cached_events(ct);
|
||||
}
|
||||
|
|
|
@ -66,7 +66,7 @@ struct inet_hashinfo;
|
|||
struct inet_timewait_death_row {
|
||||
/* Short-time timewait calendar */
|
||||
int twcal_hand;
|
||||
int twcal_jiffie;
|
||||
unsigned long twcal_jiffie;
|
||||
struct timer_list twcal_timer;
|
||||
struct hlist_head twcal_row[INET_TWDR_RECYCLE_SLOTS];
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ static inline int nf_conntrack_confirm(struct sk_buff **pskb)
|
|||
int ret = NF_ACCEPT;
|
||||
|
||||
if (ct) {
|
||||
if (!nf_ct_is_confirmed(ct))
|
||||
if (!nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))
|
||||
ret = __nf_conntrack_confirm(pskb);
|
||||
nf_ct_deliver_cached_events(ct);
|
||||
}
|
||||
|
|
|
@ -426,7 +426,7 @@ static inline void sk_acceptq_added(struct sock *sk)
|
|||
|
||||
static inline int sk_acceptq_is_full(struct sock *sk)
|
||||
{
|
||||
return sk->sk_ack_backlog >= sk->sk_max_ack_backlog;
|
||||
return sk->sk_ack_backlog > sk->sk_max_ack_backlog;
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -1597,7 +1597,7 @@ int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
|
|||
{
|
||||
struct sock *sk = sock->sk;
|
||||
|
||||
if (sk->sk_prot->compat_setsockopt != NULL)
|
||||
if (sk->sk_prot->compat_getsockopt != NULL)
|
||||
return sk->sk_prot->compat_getsockopt(sk, level, optname,
|
||||
optval, optlen);
|
||||
return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
|
||||
|
|
|
@ -256,10 +256,10 @@ int dccp_rcv_established(struct sock *sk, struct sk_buff *skb,
|
|||
* (only one is active at a time); when moving to bidirectional
|
||||
* service, this needs to be revised.
|
||||
*/
|
||||
if (dccp_sk(sk)->dccps_role == DCCP_ROLE_SERVER)
|
||||
ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
|
||||
else
|
||||
if (dccp_sk(sk)->dccps_role == DCCP_ROLE_CLIENT)
|
||||
ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb);
|
||||
else /* listening or connected server */
|
||||
ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
|
||||
|
||||
return __dccp_rcv_established(sk, skb, dh, len);
|
||||
discard:
|
||||
|
@ -495,10 +495,10 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
|
|||
goto discard;
|
||||
|
||||
/* XXX see the comments in dccp_rcv_established about this */
|
||||
if (dccp_sk(sk)->dccps_role == DCCP_ROLE_SERVER)
|
||||
ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
|
||||
else
|
||||
if (dccp_sk(sk)->dccps_role == DCCP_ROLE_CLIENT)
|
||||
ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb);
|
||||
else
|
||||
ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -103,7 +103,7 @@ struct sock *dccp_create_openreq_child(struct sock *sk,
|
|||
|
||||
if (newsk != NULL) {
|
||||
const struct dccp_request_sock *dreq = dccp_rsk(req);
|
||||
struct inet_connection_sock *newicsk = inet_csk(sk);
|
||||
struct inet_connection_sock *newicsk = inet_csk(newsk);
|
||||
struct dccp_sock *newdp = dccp_sk(newsk);
|
||||
struct dccp_minisock *newdmsk = dccp_msk(newsk);
|
||||
|
||||
|
|
|
@ -1254,7 +1254,7 @@ get_next_corpse(int (*iter)(struct ip_conntrack *i, void *data),
|
|||
list_for_each_entry(h, &unconfirmed, list) {
|
||||
ct = tuplehash_to_ctrack(h);
|
||||
if (iter(ct, data))
|
||||
goto found;
|
||||
set_bit(IPS_DYING_BIT, &ct->status);
|
||||
}
|
||||
write_unlock_bh(&ip_conntrack_lock);
|
||||
return NULL;
|
||||
|
|
|
@ -812,8 +812,10 @@ void ip_conntrack_tcp_update(struct sk_buff *skb,
|
|||
static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] =
|
||||
{
|
||||
[TH_SYN] = 1,
|
||||
[TH_SYN|TH_ACK] = 1,
|
||||
[TH_SYN|TH_PUSH] = 1,
|
||||
[TH_SYN|TH_URG] = 1,
|
||||
[TH_SYN|TH_PUSH|TH_URG] = 1,
|
||||
[TH_SYN|TH_ACK] = 1,
|
||||
[TH_SYN|TH_ACK|TH_PUSH] = 1,
|
||||
[TH_RST] = 1,
|
||||
[TH_RST|TH_ACK] = 1,
|
||||
|
|
|
@ -379,8 +379,7 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len)
|
|||
return -ENOENT;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -435,8 +434,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = {
|
|||
.print_conntrack = ipv4_print_conntrack,
|
||||
.prepare = ipv4_prepare,
|
||||
.get_features = ipv4_get_features,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = ipv4_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = ipv4_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -268,8 +268,7 @@ icmp_error(struct sk_buff *skb, unsigned int dataoff,
|
|||
return icmp_error_message(skb, ctinfo, hooknum);
|
||||
}
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -368,8 +367,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp =
|
|||
.error = icmp_error,
|
||||
.destroy = NULL,
|
||||
.me = NULL,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = icmp_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = icmp_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -546,8 +546,7 @@ void nf_nat_protocol_unregister(struct nf_nat_protocol *proto)
|
|||
}
|
||||
EXPORT_SYMBOL(nf_nat_protocol_unregister);
|
||||
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
int
|
||||
nf_nat_port_range_to_nfattr(struct sk_buff *skb,
|
||||
const struct nf_nat_range *range)
|
||||
|
|
|
@ -152,8 +152,7 @@ static struct nf_nat_protocol gre __read_mostly = {
|
|||
.manip_pkt = gre_manip_pkt,
|
||||
.in_range = gre_in_range,
|
||||
.unique_tuple = gre_unique_tuple,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.range_to_nfattr = nf_nat_port_range_to_nfattr,
|
||||
.nfattr_to_range = nf_nat_port_nfattr_to_range,
|
||||
#endif
|
||||
|
|
|
@ -78,8 +78,7 @@ struct nf_nat_protocol nf_nat_protocol_icmp = {
|
|||
.manip_pkt = icmp_manip_pkt,
|
||||
.in_range = icmp_in_range,
|
||||
.unique_tuple = icmp_unique_tuple,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.range_to_nfattr = nf_nat_port_range_to_nfattr,
|
||||
.nfattr_to_range = nf_nat_port_nfattr_to_range,
|
||||
#endif
|
||||
|
|
|
@ -144,8 +144,7 @@ struct nf_nat_protocol nf_nat_protocol_tcp = {
|
|||
.manip_pkt = tcp_manip_pkt,
|
||||
.in_range = tcp_in_range,
|
||||
.unique_tuple = tcp_unique_tuple,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.range_to_nfattr = nf_nat_port_range_to_nfattr,
|
||||
.nfattr_to_range = nf_nat_port_nfattr_to_range,
|
||||
#endif
|
||||
|
|
|
@ -134,8 +134,7 @@ struct nf_nat_protocol nf_nat_protocol_udp = {
|
|||
.manip_pkt = udp_manip_pkt,
|
||||
.in_range = udp_in_range,
|
||||
.unique_tuple = udp_unique_tuple,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.range_to_nfattr = nf_nat_port_range_to_nfattr,
|
||||
.nfattr_to_range = nf_nat_port_nfattr_to_range,
|
||||
#endif
|
||||
|
|
|
@ -15,6 +15,7 @@ int ip6_route_me_harder(struct sk_buff *skb)
|
|||
struct dst_entry *dst;
|
||||
struct flowi fl = {
|
||||
.oif = skb->sk ? skb->sk->sk_bound_dev_if : 0,
|
||||
.mark = skb->mark,
|
||||
.nl_u =
|
||||
{ .ip6_u =
|
||||
{ .daddr = iph->daddr,
|
||||
|
|
|
@ -353,8 +353,7 @@ static ctl_table nf_ct_ipv6_sysctl_table[] = {
|
|||
};
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -403,8 +402,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = {
|
|||
.print_tuple = ipv6_print_tuple,
|
||||
.print_conntrack = ipv6_print_conntrack,
|
||||
.prepare = ipv6_prepare,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = ipv6_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = ipv6_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -244,8 +244,7 @@ icmpv6_error(struct sk_buff *skb, unsigned int dataoff,
|
|||
return icmpv6_error_message(skb, dataoff, ctinfo, hooknum);
|
||||
}
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -327,8 +326,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 =
|
|||
.packet = icmpv6_packet,
|
||||
.new = icmpv6_new,
|
||||
.error = icmpv6_error,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = icmpv6_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = icmpv6_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -976,8 +976,7 @@ void __nf_ct_refresh_acct(struct nf_conn *ct,
|
|||
}
|
||||
EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct);
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -1070,7 +1069,7 @@ get_next_corpse(int (*iter)(struct nf_conn *i, void *data),
|
|||
list_for_each_entry(h, &unconfirmed, list) {
|
||||
ct = nf_ct_tuplehash_to_ctrack(h);
|
||||
if (iter(ct, data))
|
||||
goto found;
|
||||
set_bit(IPS_DYING_BIT, &ct->status);
|
||||
}
|
||||
write_unlock_bh(&nf_conntrack_lock);
|
||||
return NULL;
|
||||
|
|
|
@ -281,8 +281,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_gre4 = {
|
|||
.new = gre_new,
|
||||
.destroy = gre_destroy,
|
||||
.me = THIS_MODULE,
|
||||
#if defined(CONFIG_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_NF_CONNTRACK_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -769,8 +769,10 @@ EXPORT_SYMBOL_GPL(nf_conntrack_tcp_update);
|
|||
static u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] =
|
||||
{
|
||||
[TH_SYN] = 1,
|
||||
[TH_SYN|TH_ACK] = 1,
|
||||
[TH_SYN|TH_PUSH] = 1,
|
||||
[TH_SYN|TH_URG] = 1,
|
||||
[TH_SYN|TH_PUSH|TH_URG] = 1,
|
||||
[TH_SYN|TH_ACK] = 1,
|
||||
[TH_SYN|TH_ACK|TH_PUSH] = 1,
|
||||
[TH_RST] = 1,
|
||||
[TH_RST|TH_ACK] = 1,
|
||||
|
@ -1099,8 +1101,7 @@ static int tcp_new(struct nf_conn *conntrack,
|
|||
return 1;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
|
||||
#include <linux/netfilter/nfnetlink.h>
|
||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||
|
@ -1378,8 +1379,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 =
|
|||
.packet = tcp_packet,
|
||||
.new = tcp_new,
|
||||
.error = tcp_error,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.to_nfattr = tcp_to_nfattr,
|
||||
.from_nfattr = nfattr_to_tcp,
|
||||
.tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
|
||||
|
@ -1408,8 +1408,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 =
|
|||
.packet = tcp_packet,
|
||||
.new = tcp_new,
|
||||
.error = tcp_error,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.to_nfattr = tcp_to_nfattr,
|
||||
.from_nfattr = nfattr_to_tcp,
|
||||
.tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
|
||||
|
|
|
@ -208,8 +208,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 =
|
|||
.packet = udp_packet,
|
||||
.new = udp_new,
|
||||
.error = udp_error,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
|
||||
#endif
|
||||
|
@ -236,8 +235,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 =
|
|||
.packet = udp_packet,
|
||||
.new = udp_new,
|
||||
.error = udp_error,
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || \
|
||||
defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
||||
.tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
|
||||
.nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
|
||||
#endif
|
||||
|
|
|
@ -133,6 +133,7 @@ instance_put(struct nfulnl_instance *inst)
|
|||
if (inst && atomic_dec_and_test(&inst->use)) {
|
||||
UDEBUG("kfree(inst=%p)\n", inst);
|
||||
kfree(inst);
|
||||
module_put(THIS_MODULE);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -217,6 +218,9 @@ _instance_destroy2(struct nfulnl_instance *inst, int lock)
|
|||
|
||||
spin_lock_bh(&inst->lock);
|
||||
if (inst->skb) {
|
||||
/* timer "holds" one reference (we have one more) */
|
||||
if (del_timer(&inst->timer))
|
||||
instance_put(inst);
|
||||
if (inst->qlen)
|
||||
__nfulnl_send(inst);
|
||||
if (inst->skb) {
|
||||
|
@ -228,8 +232,6 @@ _instance_destroy2(struct nfulnl_instance *inst, int lock)
|
|||
|
||||
/* and finally put the refcount */
|
||||
instance_put(inst);
|
||||
|
||||
module_put(THIS_MODULE);
|
||||
}
|
||||
|
||||
static inline void
|
||||
|
@ -363,9 +365,6 @@ __nfulnl_send(struct nfulnl_instance *inst)
|
|||
{
|
||||
int status;
|
||||
|
||||
if (timer_pending(&inst->timer))
|
||||
del_timer(&inst->timer);
|
||||
|
||||
if (!inst->skb)
|
||||
return 0;
|
||||
|
||||
|
@ -393,8 +392,8 @@ static void nfulnl_timer(unsigned long data)
|
|||
|
||||
spin_lock_bh(&inst->lock);
|
||||
__nfulnl_send(inst);
|
||||
instance_put(inst);
|
||||
spin_unlock_bh(&inst->lock);
|
||||
instance_put(inst);
|
||||
}
|
||||
|
||||
/* This is an inline function, we don't really care about a long
|
||||
|
@ -560,6 +559,7 @@ __build_packet_message(struct nfulnl_instance *inst,
|
|||
}
|
||||
|
||||
nlh->nlmsg_len = inst->skb->tail - old_tail;
|
||||
inst->lastnlh = nlh;
|
||||
return 0;
|
||||
|
||||
nlmsg_failure:
|
||||
|
@ -689,6 +689,9 @@ nfulnl_log_packet(unsigned int pf,
|
|||
* enough room in the skb left. flush to userspace. */
|
||||
UDEBUG("flushing old skb\n");
|
||||
|
||||
/* timer "holds" one reference (we have another one) */
|
||||
if (del_timer(&inst->timer))
|
||||
instance_put(inst);
|
||||
__nfulnl_send(inst);
|
||||
|
||||
if (!(inst->skb = nfulnl_alloc_skb(nlbufsiz, size))) {
|
||||
|
@ -711,15 +714,16 @@ nfulnl_log_packet(unsigned int pf,
|
|||
inst->timer.expires = jiffies + (inst->flushtimeout*HZ/100);
|
||||
add_timer(&inst->timer);
|
||||
}
|
||||
spin_unlock_bh(&inst->lock);
|
||||
|
||||
unlock_and_release:
|
||||
spin_unlock_bh(&inst->lock);
|
||||
instance_put(inst);
|
||||
return;
|
||||
|
||||
alloc_failure:
|
||||
spin_unlock_bh(&inst->lock);
|
||||
instance_put(inst);
|
||||
UDEBUG("error allocating skb\n");
|
||||
/* FIXME: statistics */
|
||||
goto unlock_and_release;
|
||||
}
|
||||
|
||||
static int
|
||||
|
@ -856,6 +860,9 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
|
|||
ret = -EINVAL;
|
||||
break;
|
||||
}
|
||||
|
||||
if (!inst)
|
||||
goto out;
|
||||
} else {
|
||||
if (!inst) {
|
||||
UDEBUG("no config command, and no instance for "
|
||||
|
@ -909,6 +916,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
|
|||
|
||||
out_put:
|
||||
instance_put(inst);
|
||||
out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
|
@ -934,7 +934,7 @@ static long unix_wait_for_peer(struct sock *other, long timeo)
|
|||
|
||||
sched = !sock_flag(other, SOCK_DEAD) &&
|
||||
!(other->sk_shutdown & RCV_SHUTDOWN) &&
|
||||
(skb_queue_len(&other->sk_receive_queue) >=
|
||||
(skb_queue_len(&other->sk_receive_queue) >
|
||||
other->sk_max_ack_backlog);
|
||||
|
||||
unix_state_runlock(other);
|
||||
|
@ -1008,7 +1008,7 @@ restart:
|
|||
if (other->sk_state != TCP_LISTEN)
|
||||
goto out_unlock;
|
||||
|
||||
if (skb_queue_len(&other->sk_receive_queue) >=
|
||||
if (skb_queue_len(&other->sk_receive_queue) >
|
||||
other->sk_max_ack_backlog) {
|
||||
err = -EAGAIN;
|
||||
if (!timeo)
|
||||
|
@ -1381,7 +1381,7 @@ restart:
|
|||
}
|
||||
|
||||
if (unix_peer(other) != sk &&
|
||||
(skb_queue_len(&other->sk_receive_queue) >=
|
||||
(skb_queue_len(&other->sk_receive_queue) >
|
||||
other->sk_max_ack_backlog)) {
|
||||
if (!timeo) {
|
||||
err = -EAGAIN;
|
||||
|
|
Loading…
Reference in a new issue