diff options
author | Patrick McHardy <kaber@trash.net> | 2008-03-10 19:44:36 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-03-10 19:44:36 -0400 |
commit | 914afea84e3e20cdbcd040f8387a0e6ef20ffc97 (patch) | |
tree | 68d7e80bd238f2c2b794825213e3385c9db49de3 | |
parent | b7047a1c886386b10a103b4fea26678db8b57832 (diff) |
[NETFILTER]: nfnetlink_queue: fix EPERM when binding/unbinding and instance 0 exists
Similar to the nfnetlink_log problem, nfnetlink_queue incorrectly
returns -EPERM when binding or unbinding to an address family and
queueing instance 0 exists and is owned by a different process. Unlike
nfnetlink_log it previously completes the operation, but it is still
incorrect.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netfilter/nfnetlink_queue.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index c0cc3d3618a3..012cb6910820 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
@@ -703,19 +703,12 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb, | |||
703 | /* Commands without queue context - might sleep */ | 703 | /* Commands without queue context - might sleep */ |
704 | switch (cmd->command) { | 704 | switch (cmd->command) { |
705 | case NFQNL_CFG_CMD_PF_BIND: | 705 | case NFQNL_CFG_CMD_PF_BIND: |
706 | ret = nf_register_queue_handler(ntohs(cmd->pf), | 706 | return nf_register_queue_handler(ntohs(cmd->pf), |
707 | &nfqh); | 707 | &nfqh); |
708 | break; | ||
709 | case NFQNL_CFG_CMD_PF_UNBIND: | 708 | case NFQNL_CFG_CMD_PF_UNBIND: |
710 | ret = nf_unregister_queue_handler(ntohs(cmd->pf), | 709 | return nf_unregister_queue_handler(ntohs(cmd->pf), |
711 | &nfqh); | 710 | &nfqh); |
712 | break; | ||
713 | default: | ||
714 | break; | ||
715 | } | 711 | } |
716 | |||
717 | if (ret < 0) | ||
718 | return ret; | ||
719 | } | 712 | } |
720 | 713 | ||
721 | rcu_read_lock(); | 714 | rcu_read_lock(); |