lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

netfilter: ctnetlink: fix regression in expectation handling

Browse Source 
This patch fixes a regression (introduced by myself in commit 19abb7b:
netfilter: ctnetlink: deliver events for conntracks changed from
userspace) that results in an expectation re-insertion since
__nf_ct_expect_check() may return 0 for expectation timer refreshing.

This patch also removes a unnecessary refcount bump that
pretended to avoid a possible race condition with event delivery
and expectation timers (as said, not needed since we hold a
reference to the object since until we finish the expectation
setup). This also merges nf_ct_expect_related_report() and
nf_ct_expect_related() which look basically the same.

Reported-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Pablo Neira Ayuso
2009-04-06 17:47:20 +02:00
committed by Patrick McHardy
parent 3ae16f1302
commit 83731671d9
2 changed files with 11 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
include/net/netfilter/nf_conntrack_expect.h
View File

@@ -99,9 +99,12 @@ void nf_ct_expect_init(struct nf_conntrack_expect *, unsigned int, u_int8_t,
const union nf_inet_addr *, const union nf_inet_addr *,
u_int8_t, const __be16 *, const __be16 *); u_int8_t, const __be16 *, const __be16 *);
void nf_ct_expect_put(struct nf_conntrack_expect *exp); void nf_ct_expect_put(struct nf_conntrack_expect *exp);
int nf_ct_expect_related(struct nf_conntrack_expect *expect);
int nf_ct_expect_related_report(struct nf_conntrack_expect *expect, int nf_ct_expect_related_report(struct nf_conntrack_expect *expect,
u32 pid, int report); u32 pid, int report);
static inline int nf_ct_expect_related(struct nf_conntrack_expect *expect)
{
return nf_ct_expect_related_report(expect, 0, 0);
}
#endif /*_NF_CONNTRACK_EXPECT_H*/ #endif /*_NF_CONNTRACK_EXPECT_H*/

32
net/netfilter/nf_conntrack_expect.c
View File

@@ -372,7 +372,7 @@ static inline int __nf_ct_expect_check(struct nf_conntrack_expect *expect)
struct net *net = nf_ct_exp_net(expect); struct net *net = nf_ct_exp_net(expect);
struct hlist_node *n; struct hlist_node *n;
unsigned int h; unsigned int h;
int ret = 0; int ret = 1;
if (!master_help->helper) { if (!master_help->helper) {
ret = -ESHUTDOWN; ret = -ESHUTDOWN;
@@ -412,27 +412,6 @@ out:
return ret; return ret;
} }
int nf_ct_expect_related(struct nf_conntrack_expect *expect)
{
int ret;
spin_lock_bh(&nf_conntrack_lock);
ret = __nf_ct_expect_check(expect);
if (ret < 0)
goto out;
nf_ct_expect_insert(expect);
atomic_inc(&expect->use);
spin_unlock_bh(&nf_conntrack_lock);
nf_ct_expect_event(IPEXP_NEW, expect);
nf_ct_expect_put(expect);
return ret;
out:
spin_unlock_bh(&nf_conntrack_lock);
return ret;
}
EXPORT_SYMBOL_GPL(nf_ct_expect_related);
int nf_ct_expect_related_report(struct nf_conntrack_expect *expect, int nf_ct_expect_related_report(struct nf_conntrack_expect *expect,
u32 pid, int report) u32 pid, int report)
{ {
@@ -440,13 +419,16 @@ int nf_ct_expect_related_report(struct nf_conntrack_expect *expect,
spin_lock_bh(&nf_conntrack_lock); spin_lock_bh(&nf_conntrack_lock);
ret = __nf_ct_expect_check(expect); ret = __nf_ct_expect_check(expect);
if (ret < 0) if (ret <= 0)
goto out; goto out;
ret = 0;
nf_ct_expect_insert(expect); nf_ct_expect_insert(expect);
spin_unlock_bh(&nf_conntrack_lock);
nf_ct_expect_event_report(IPEXP_NEW, expect, pid, report);
return ret;
out: out:
spin_unlock_bh(&nf_conntrack_lock); spin_unlock_bh(&nf_conntrack_lock);
if (ret == 0)
nf_ct_expect_event_report(IPEXP_NEW, expect, pid, report);
return ret; return ret;
} }
EXPORT_SYMBOL_GPL(nf_ct_expect_related_report); EXPORT_SYMBOL_GPL(nf_ct_expect_related_report);