diff options
| author | Phil Oester <kernel@linuxace.com> | 2013-08-27 19:41:40 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-09-14 09:54:56 -0400 |
| commit | b70a23ab4ab5a95ab9be1bf77b73c1ad9f4e15a4 (patch) | |
| tree | 37c0495edccb13f87f9c3e2bea5442fc6a38f681 /net | |
| parent | 4b7ead801d3e174ae14ccaed02773041419ae278 (diff) | |
tcp: tcp_make_synack() should use sock_wmalloc
[ Upstream commit eb8895debe1baba41fcb62c78a16f0c63c21662a ]
In commit 90ba9b19 (tcp: tcp_make_synack() can use alloc_skb()), Eric changed
the call to sock_wmalloc in tcp_make_synack to alloc_skb. In doing so,
the netfilter owner match lost its ability to block the SYNACK packet on
outbound listening sockets. Revert the change, restoring the owner match
functionality.
This closes netfilter bugzilla #847.
Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/tcp_output.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 2c48d51f47a0..0145ce7e6098 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c | |||
| @@ -2664,7 +2664,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, | |||
| 2664 | int tcp_header_size; | 2664 | int tcp_header_size; |
| 2665 | int mss; | 2665 | int mss; |
| 2666 | 2666 | ||
| 2667 | skb = alloc_skb(MAX_TCP_HEADER + 15, sk_gfp_atomic(sk, GFP_ATOMIC)); | 2667 | skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15, 1, GFP_ATOMIC); |
| 2668 | if (unlikely(!skb)) { | 2668 | if (unlikely(!skb)) { |
| 2669 | dst_release(dst); | 2669 | dst_release(dst); |
| 2670 | return NULL; | 2670 | return NULL; |