Merge branch 'master' into for-next
This commit is contained in:
Jiri Kosina
@@ -424,6 +424,16 @@ __nf_conntrack_confirm(struct sk_buff *skb)
|
||||
|
||||
spin_lock_bh(&nf_conntrack_lock);
|
||||
|
||||
/* We have to check the DYING flag inside the lock to prevent
|
||||
a race against nf_ct_get_next_corpse() possibly called from
|
||||
user context, else we insert an already 'dead' hash, blocking
|
||||
further use of that particular connection -JM */
|
||||
|
||||
if (unlikely(nf_ct_is_dying(ct))) {
|
||||
spin_unlock_bh(&nf_conntrack_lock);
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
/* See if there's one in the list already, including reverse:
|
||||
NAT could have grabbed it without realizing, since we're
|
||||
not in the hash. If there is, we lost race. */
|
||||
|
||||
@@ -1393,10 +1393,8 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
|
||||
|
||||
nf_ct_refresh(ct, skb, sip_timeout * HZ);
|
||||
|
||||
if (skb_is_nonlinear(skb)) {
|
||||
pr_debug("Copy of skbuff not supported yet.\n");
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
if (unlikely(skb_linearize(skb)))
|
||||
return NF_DROP;
|
||||
|
||||
dptr = skb->data + dataoff;
|
||||
datalen = skb->len - dataoff;
|
||||
@@ -1455,10 +1453,8 @@ static int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
|
||||
|
||||
nf_ct_refresh(ct, skb, sip_timeout * HZ);
|
||||
|
||||
if (skb_is_nonlinear(skb)) {
|
||||
pr_debug("Copy of skbuff not supported yet.\n");
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
if (unlikely(skb_linearize(skb)))
|
||||
return NF_DROP;
|
||||
|
||||
dptr = skb->data + dataoff;
|
||||
datalen = skb->len - dataoff;
|
||||
|
||||
@@ -699,10 +699,8 @@ void xt_free_table_info(struct xt_table_info *info)
|
||||
vfree(info->jumpstack);
|
||||
else
|
||||
kfree(info->jumpstack);
|
||||
if (sizeof(unsigned int) * nr_cpu_ids > PAGE_SIZE)
|
||||
vfree(info->stackptr);
|
||||
else
|
||||
kfree(info->stackptr);
|
||||
|
||||
free_percpu(info->stackptr);
|
||||
|
||||
kfree(info);
|
||||
}
|
||||
@@ -753,14 +751,9 @@ static int xt_jumpstack_alloc(struct xt_table_info *i)
|
||||
unsigned int size;
|
||||
int cpu;
|
||||
|
||||
size = sizeof(unsigned int) * nr_cpu_ids;
|
||||
if (size > PAGE_SIZE)
|
||||
i->stackptr = vmalloc(size);
|
||||
else
|
||||
i->stackptr = kmalloc(size, GFP_KERNEL);
|
||||
i->stackptr = alloc_percpu(unsigned int);
|
||||
if (i->stackptr == NULL)
|
||||
return -ENOMEM;
|
||||
memset(i->stackptr, 0, size);
|
||||
|
||||
size = sizeof(void **) * nr_cpu_ids;
|
||||
if (size > PAGE_SIZE)
|
||||
@@ -844,10 +837,6 @@ struct xt_table *xt_register_table(struct net *net,
|
||||
struct xt_table_info *private;
|
||||
struct xt_table *t, *table;
|
||||
|
||||
ret = xt_jumpstack_alloc(newinfo);
|
||||
if (ret < 0)
|
||||
return ERR_PTR(ret);
|
||||
|
||||
/* Don't add one object to multiple lists. */
|
||||
table = kmemdup(input_table, sizeof(struct xt_table), GFP_KERNEL);
|
||||
if (!table) {
|
||||
|
||||
@@ -76,7 +76,7 @@ tee_tg_route4(struct sk_buff *skb, const struct xt_tee_tginfo *info)
|
||||
if (ip_route_output_key(net, &rt, &fl) != 0)
|
||||
return false;
|
||||
|
||||
dst_release(skb_dst(skb));
|
||||
skb_dst_drop(skb);
|
||||
skb_dst_set(skb, &rt->u.dst);
|
||||
skb->dev = rt->u.dst.dev;
|
||||
skb->protocol = htons(ETH_P_IP);
|
||||
@@ -157,7 +157,7 @@ tee_tg_route6(struct sk_buff *skb, const struct xt_tee_tginfo *info)
|
||||
if (dst == NULL)
|
||||
return false;
|
||||
|
||||
dst_release(skb_dst(skb));
|
||||
skb_dst_drop(skb);
|
||||
skb_dst_set(skb, dst);
|
||||
skb->dev = dst->dev;
|
||||
skb->protocol = htons(ETH_P_IPV6);
|
||||
|
||||
Reference in New Issue
Block a user