diff options
| author | Patrick McHardy <kaber@trash.net> | 2014-01-09 13:42:34 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-01-09 14:17:14 -0500 |
| commit | baae3e62f31618d90e08fb886b4481e5d7b7f27c (patch) | |
| tree | 706f332147b442369fd5e8219fad73dae2c80a4e /include/net | |
| parent | 758206760cbadf66dc31d6587f5958691b34e9e5 (diff) | |
netfilter: nf_tables: fix chain type module reference handling
The chain type module reference handling makes no sense at all: we take
a reference immediately when the module is registered, preventing the
module from ever being unloaded.
Fix by taking a reference when we're actually creating a chain of the
chain type and release the reference when destroying the chain.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/netfilter/nf_tables.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 5d2b703efe1c..e9b97862bf52 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h | |||
| @@ -436,7 +436,7 @@ struct nft_stats { | |||
| 436 | */ | 436 | */ |
| 437 | struct nft_base_chain { | 437 | struct nft_base_chain { |
| 438 | struct nf_hook_ops ops[NFT_HOOK_OPS_MAX]; | 438 | struct nf_hook_ops ops[NFT_HOOK_OPS_MAX]; |
| 439 | enum nft_chain_type type; | 439 | struct nf_chain_type *type; |
| 440 | u8 policy; | 440 | u8 policy; |
| 441 | struct nft_stats __percpu *stats; | 441 | struct nft_stats __percpu *stats; |
| 442 | struct nft_chain chain; | 442 | struct nft_chain chain; |