Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[NET]: Fix MAX_HEADER setting.
[NETFILTER]: ipt_REJECT: fix memory corruption
[NETFILTER]: conntrack: fix refcount leak when finding expectation
[NETFILTER]: ctnetlink: fix reference count leak
[NETFILTER]: nf_conntrack: fix the race on assign helper to new conntrack
[NETFILTER]: nfctnetlink: assign helper to newly created conntrack

+35 -22
+4 -2
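--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -93,8 +93,10 @@
 #endif
 #endif
 
-#if !defined(CONFIG_NET_IPIP) && \
-!defined(CONFIG_IPV6) && !defined(CONFIG_IPV6_MODULE)
+#if !defined(CONFIG_NET_IPIP) && !defined(CONFIG_NET_IPIP_MODULE) && \
+!defined(CONFIG_NET_IPGRE) && !defined(CONFIG_NET_IPGRE_MODULE) && \
+!defined(CONFIG_IPV6_SIT) && !defined(CONFIG_IPV6_SIT_MODULE) && \
+!defined(CONFIG_IPV6_TUNNEL) && !defined(CONFIG_IPV6_TUNNEL_MODULE)
 #define MAX_HEADER LL_MAX_HEADER
 #else
 #define MAX_HEADER (LL_MAX_HEADER + 48)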
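Review bot: The `+ 48` headroom in the `#else` branch and the list of options that select it are undocumented, and the list is a hand-maintained enumeration. A tunnel driver that is not named in the `#if` would build with `MAX_HEADER` equal to `LL_MAX_HEADER` and, presumably, too little reserved headroom for its outer header. I would add a comment above the `#if`, for example `/* Reserve extra headroom when any IP tunnel driver is built in or modular; extend this list when adding one. */`. What the 48 accounts for is not visible in this hunk, so the comment should state it once confirmed.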
+3 -3
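--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -225,10 +225,8 @@
 struct ip_conntrack_expect *i;
 
 list_for_each_entry(i, &ip_conntrack_expect_list, list) {
-if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
-atomic_inc(&i->use);
+if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
 return i;
-}
 }
 return NULL;
 }
@@ -241,6 +239,8 @@
 
 read_lock_bh(&ip_conntrack_lock);
 i = __ip_conntrack_expect_find(tuple);
+if (i)
+atomic_inc(&i->use);
 read_unlock_bh(&ip_conntrack_lock);
 
 return i;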
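Review bot: After this change `__ip_conntrack_expect_find()` returns a pointer on which no reference has been taken, so the result is only safe to use while the caller still holds `ip_conntrack_lock`, and nothing in the visible code says so. I would document the contract on the lookup, e.g. `/* Caller must hold ip_conntrack_lock; no reference is taken on the returned expectation. */`, and add a matching line on the locked wrapper stating that it returns with `i->use` incremented and the caller must drop it. Both functions begin outside the hunks, so their existing header comments (if any) are not visible here. The same applies to `__nf_conntrack_expect_find()` and its wrapper in the first two hunks of net/netfilter/nf_conntrack_core.c.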
+1
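--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -153,6 +153,7 @@
 return ret;
 
 nfattr_failure:
+ip_conntrack_proto_put(proto);
 return -1;
 }
 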
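Review bot: The added `ip_conntrack_proto_put(proto);` under `nfattr_failure:` is only correct if every jump to that label happens after `proto` has been assigned by a successful get. The start of the function is outside the hunk, so this cannot be confirmed from here. If any failure path can reach the label earlier, the put would run on an uninitialised pointer; in that case give the early path its own label, or initialise `proto` and guard the put. The identical change `nf_ct_proto_put(proto);` in the first hunk of net/netfilter/nf_conntrack_netlink.c needs the same check.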
+9 -7
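--- a/net/ipv4/netfilter/ipt_REJECT.c
+++ b/net/ipv4/netfilter/ipt_REJECT.c
@@ -114,6 +114,14 @@
 tcph->window = 0;
 tcph->urg_ptr = 0;
 
+/* Adjust TCP checksum */
+tcph->check = 0;
+tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
+nskb->nh.iph->saddr,
+nskb->nh.iph->daddr,
+csum_partial((char *)tcph,
+sizeof(struct tcphdr), 0));
+
 /* Set DF, id = 0 */
 nskb->nh.iph->frag_off = htons(IP_DF);
 nskb->nh.iph->id = 0;
@@ -129,14 +137,8 @@
 if (ip_route_me_harder(&nskb, addr_type))
 goto free_nskb;
 
-/* Adjust TCP checksum */
 nskb->ip_summed = CHECKSUM_NONE;
-tcph->check = 0;
-tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
-nskb->nh.iph->saddr,
-nskb->nh.iph->daddr,
-csum_partial((char *)tcph,
-sizeof(struct tcphdr), 0));
+
 /* Adjust IP TTL */
 nskb->nh.iph->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
 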
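Review bot: Nothing in the new code records why the checksum block now has to sit ahead of `ip_route_me_harder(&nskb, addr_type)`, so a later cleanup could move it back and reintroduce the bug. The call takes `&nskb`, which suggests it may replace the skb; if so, `tcph` no longer points into the packet afterwards, which would fit the "memory corruption" in the commit title. I would extend the comment to something like `/* Adjust TCP checksum; must happen before ip_route_me_harder(), after which tcph may be stale */`. The enclosing function starts and ends outside the hunks, so any other use of `tcph` after the call should be checked there.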
+9 -10
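--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -469,10 +469,8 @@
 struct nf_conntrack_expect *i;
 
 list_for_each_entry(i, &nf_conntrack_expect_list, list) {
-if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
-atomic_inc(&i->use);
+if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
 return i;
-}
 }
 return NULL;
 }
@@ -485,6 +483,8 @@
 
 read_lock_bh(&nf_conntrack_lock);
 i = __nf_conntrack_expect_find(tuple);
+if (i)
+atomic_inc(&i->use);
 read_unlock_bh(&nf_conntrack_lock);
 
 return i;
@@ -893,12 +893,6 @@
 
 memset(conntrack, 0, nf_ct_cache[features].size);
 conntrack->features = features;
-if (helper) {
-struct nf_conn_help *help = nfct_help(conntrack);
-NF_CT_ASSERT(help);
-help->helper = helper;
-}
-
 atomic_set(&conntrack->ct_general.use, 1);
 conntrack->ct_general.destroy = destroy_conntrack;
 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
@@ -982,8 +976,13 @@
 #endif
 nf_conntrack_get(&conntrack->master->ct_general);
 NF_CT_STAT_INC(expect_new);
-} else
+} else {
+struct nf_conn_help *help = nfct_help(conntrack);
+
+if (help)
+help->helper = __nf_ct_helper_find(&repl_tuple);
 NF_CT_STAT_INC(new);
+}
 
 /* Overload tuple linked list to put us in unconfirmed list. */
 list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed);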
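Review bot: In the last hunk, `help->helper = __nf_ct_helper_find(&repl_tuple);` uses the double-underscore lookup, and the hunk does not show which lock is held at that point. By the convention visible elsewhere in this commit, such a lookup takes no reference and relies on the caller's locking. Since the commit is about a race on helper assignment, I would state the requirement next to the call, e.g. `/* nf_conntrack_lock held: lookup and assignment must not race with helper unregistration */`, with the lock name confirmed against the enclosing function, which starts outside the hunk. The removed code also checked `NF_CT_ASSERT(help)`, whereas the new `if (help)` silently skips the assignment; a short comment should say whether a NULL `nfct_help()` result is expected here.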
+9
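--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -161,6 +161,7 @@
 return ret;
 
 nfattr_failure:
+nf_ct_proto_put(proto);
 return -1;
 }
 
@@ -949,6 +950,7 @@
 {
 struct nf_conn *ct;
 int err = -EINVAL;
+struct nf_conn_help *help;
 
 ct = nf_conntrack_alloc(otuple, rtuple);
 if (ct == NULL || IS_ERR(ct))
@@ -976,8 +978,15 @@
 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1]));
 #endif
 
+help = nfct_help(ct);
+if (help)
+help->helper = nf_ct_helper_find_get(rtuple);
+
 add_timer(&ct->timeout);
 nf_conntrack_hash_insert(ct);
+
+if (help && help->helper)
+nf_ct_helper_put(help->helper);
 
 return 0;
 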
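Review bot: In the last hunk, `help->helper` is read again for `nf_ct_helper_put()` after `nf_conntrack_hash_insert(ct)`, when the conntrack is presumably already visible to other contexts. If the field can change in between, the put may not act on the pointer that `nf_ct_helper_find_get(rtuple)` returned. Keeping the looked-up helper in a local avoids the re-read: `helper = nf_ct_helper_find_get(rtuple);` for the lookup and `if (helper) nf_ct_helper_put(helper);` after the insert. The conntrack also keeps `help->helper` once the reference is dropped, so a comment should say what keeps that pointer valid (presumably helper unregistration clears it). The function starts outside the hunk, so its locking is not visible here.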