aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>2006-11-27 13:25:59 -0500
committerDavid S. Miller <davem@sunset.davemloft.net>2006-11-28 23:59:35 -0500
commit22e7410b760b9c1777839fdd10382c60df8cbda2 (patch)
treea9bee35b95ad4e197e76a022d45ac0779f115d28
parentdafc741cf23351a6f43895579a72ab8818ba00ae (diff)
[NETFILTER]: nf_conntrack: fix the race on assign helper to new conntrack
The found helper cannot be assigned to conntrack after unlocking nf_conntrack_lock. This tries to find helper to assign again. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat
-rw-r--r--net/netfilter/nf_conntrack_core.c13
1 files changed, 6 insertions, 7 deletions
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 836541e509fe..0f5830779b44 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -893,12 +893,6 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
893 893
894 memset(conntrack, 0, nf_ct_cache[features].size); 894 memset(conntrack, 0, nf_ct_cache[features].size);
895 conntrack->features = features; 895 conntrack->features = features;
896 if (helper) {
897 struct nf_conn_help *help = nfct_help(conntrack);
898 NF_CT_ASSERT(help);
899 help->helper = helper;
900 }
901
902 atomic_set(&conntrack->ct_general.use, 1); 896 atomic_set(&conntrack->ct_general.use, 1);
903 conntrack->ct_general.destroy = destroy_conntrack; 897 conntrack->ct_general.destroy = destroy_conntrack;
904 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig; 898 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
@@ -982,8 +976,13 @@ init_conntrack(const struct nf_conntrack_tuple *tuple,
982#endif 976#endif
983 nf_conntrack_get(&conntrack->master->ct_general); 977 nf_conntrack_get(&conntrack->master->ct_general);
984 NF_CT_STAT_INC(expect_new); 978 NF_CT_STAT_INC(expect_new);
985 } else 979 } else {
980 struct nf_conn_help *help = nfct_help(conntrack);
981
982 if (help)
983 help->helper = __nf_ct_helper_find(&repl_tuple);
986 NF_CT_STAT_INC(new); 984 NF_CT_STAT_INC(new);
985 }
987 986
988 /* Overload tuple linked list to put us in unconfirmed list. */ 987 /* Overload tuple linked list to put us in unconfirmed list. */
989 list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed); 988 list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed);
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-03 04:42:15 -0400