aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@woody.linux-foundation.org>2007-03-06 22:53:34 -0500
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-03-06 22:53:34 -0500
commit5b3c1184e78dd7d74eced83b25af88cf1d13e686 (patch)
tree2a172026fc3492a9cdd66bca1e57d019eb78bf28 /net
parentfe1b4ba400193176213f95be3ea711a53518a609 (diff)
parent99c72ce091ec85868a0847e598eb7562dc0d8205 (diff)
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [DCCP]: Set RTO for newly created child socket [DCCP]: Correctly split CCID half connections [NET]: Fix compat_sock_common_getsockopt typo. [NET]: Revert incorrect accept queue backlog changes. [INET]: twcal_jiffie should be unsigned long, not int [GIANFAR]: Fix compile error in latest git [PPPOE]: Use ifindex instead of device pointer in key lookups. [NETFILTER]: ip6_route_me_harder should take into account mark [NETFILTER]: nfnetlink_log: fix reference counting [NETFILTER]: nfnetlink_log: fix module reference counting [NETFILTER]: nfnetlink_log: fix possible NULL pointer dereference [NETFILTER]: nfnetlink_log: fix NULL pointer dereference [NETFILTER]: nfnetlink_log: fix use after free [NETFILTER]: nfnetlink_log: fix reference leak [NETFILTER]: tcp conntrack: accept SYN|URG as valid [NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs [NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops
Diffstat (limited to 'net')
-rw-r--r--net/core/sock.c2
-rw-r--r--net/dccp/input.c12
-rw-r--r--net/dccp/minisocks.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_tcp.c4
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c6
-rw-r--r--net/ipv4/netfilter/nf_conntrack_proto_icmp.c6
-rw-r--r--net/ipv4/netfilter/nf_nat_core.c3
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_gre.c3
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_icmp.c3
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_tcp.c3
-rw-r--r--net/ipv4/netfilter/nf_nat_proto_udp.c3
-rw-r--r--net/ipv6/netfilter.c1
-rw-r--r--net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c6
-rw-r--r--net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c6
-rw-r--r--net/netfilter/nf_conntrack_core.c5
-rw-r--r--net/netfilter/nf_conntrack_proto_gre.c3
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c13
-rw-r--r--net/netfilter/nf_conntrack_proto_udp.c6
-rw-r--r--net/netfilter/nfnetlink_log.c26
-rw-r--r--net/unix/af_unix.c6
21 files changed, 57 insertions, 64 deletions
diff --git a/net/core/sock.c b/net/core/sock.c
index e9986acdd0ab..8d65d6478dcd 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1597,7 +1597,7 @@ int compat_sock_common_getsockopt(struct socket *sock, int level, int optname,
1597{ 1597{
1598 struct sock *sk = sock->sk; 1598 struct sock *sk = sock->sk;
1599 1599
1600 if (sk->sk_prot->compat_setsockopt != NULL) 1600 if (sk->sk_prot->compat_getsockopt != NULL)
1601 return sk->sk_prot->compat_getsockopt(sk, level, optname, 1601 return sk->sk_prot->compat_getsockopt(sk, level, optname,
1602 optval, optlen); 1602 optval, optlen);
1603 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen); 1603 return sk->sk_prot->getsockopt(sk, level, optname, optval, optlen);
diff --git a/net/dccp/input.c b/net/dccp/input.c
index 4dee462f00db..287099f7f042 100644
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -256,10 +256,10 @@ int dccp_rcv_established(struct sock *sk, struct sk_buff *skb,
256 * (only one is active at a time); when moving to bidirectional 256 * (only one is active at a time); when moving to bidirectional
257 * service, this needs to be revised. 257 * service, this needs to be revised.
258 */ 258 */
259 if (dccp_sk(sk)->dccps_role == DCCP_ROLE_SERVER) 259 if (dccp_sk(sk)->dccps_role == DCCP_ROLE_CLIENT)
260 ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
261 else
262 ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb); 260 ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb);
261 else /* listening or connected server */
262 ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
263 263
264 return __dccp_rcv_established(sk, skb, dh, len); 264 return __dccp_rcv_established(sk, skb, dh, len);
265discard: 265discard:
@@ -495,10 +495,10 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
495 goto discard; 495 goto discard;
496 496
497 /* XXX see the comments in dccp_rcv_established about this */ 497 /* XXX see the comments in dccp_rcv_established about this */
498 if (dccp_sk(sk)->dccps_role == DCCP_ROLE_SERVER) 498 if (dccp_sk(sk)->dccps_role == DCCP_ROLE_CLIENT)
499 ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
500 else
501 ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb); 499 ccid_hc_tx_packet_recv(dp->dccps_hc_tx_ccid, sk, skb);
500 else
501 ccid_hc_rx_packet_recv(dp->dccps_hc_rx_ccid, sk, skb);
502 } 502 }
503 503
504 /* 504 /*
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
index 6656bb497c7b..6d235b3013dd 100644
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -103,7 +103,7 @@ struct sock *dccp_create_openreq_child(struct sock *sk,
103 103
104 if (newsk != NULL) { 104 if (newsk != NULL) {
105 const struct dccp_request_sock *dreq = dccp_rsk(req); 105 const struct dccp_request_sock *dreq = dccp_rsk(req);
106 struct inet_connection_sock *newicsk = inet_csk(sk); 106 struct inet_connection_sock *newicsk = inet_csk(newsk);
107 struct dccp_sock *newdp = dccp_sk(newsk); 107 struct dccp_sock *newdp = dccp_sk(newsk);
108 struct dccp_minisock *newdmsk = dccp_msk(newsk); 108 struct dccp_minisock *newdmsk = dccp_msk(newsk);
109 109
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 07ba1dd136b5..23b99ae2cc37 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1254,7 +1254,7 @@ get_next_corpse(int (*iter)(struct ip_conntrack *i, void *data),
1254 list_for_each_entry(h, &unconfirmed, list) { 1254 list_for_each_entry(h, &unconfirmed, list) {
1255 ct = tuplehash_to_ctrack(h); 1255 ct = tuplehash_to_ctrack(h);
1256 if (iter(ct, data)) 1256 if (iter(ct, data))
1257 goto found; 1257 set_bit(IPS_DYING_BIT, &ct->status);
1258 } 1258 }
1259 write_unlock_bh(&ip_conntrack_lock); 1259 write_unlock_bh(&ip_conntrack_lock);
1260 return NULL; 1260 return NULL;
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
index 170d625fad67..0a72eab14620 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -812,8 +812,10 @@ void ip_conntrack_tcp_update(struct sk_buff *skb,
812static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] = 812static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] =
813{ 813{
814 [TH_SYN] = 1, 814 [TH_SYN] = 1,
815 [TH_SYN|TH_ACK] = 1,
816 [TH_SYN|TH_PUSH] = 1, 815 [TH_SYN|TH_PUSH] = 1,
816 [TH_SYN|TH_URG] = 1,
817 [TH_SYN|TH_PUSH|TH_URG] = 1,
818 [TH_SYN|TH_ACK] = 1,
817 [TH_SYN|TH_ACK|TH_PUSH] = 1, 819 [TH_SYN|TH_ACK|TH_PUSH] = 1,
818 [TH_RST] = 1, 820 [TH_RST] = 1,
819 [TH_RST|TH_ACK] = 1, 821 [TH_RST|TH_ACK] = 1,
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index b984db771258..8f3e92d20df8 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -379,8 +379,7 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len)
379 return -ENOENT; 379 return -ENOENT;
380} 380}
381 381
382#if defined(CONFIG_NF_CT_NETLINK) || \ 382#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
383 defined(CONFIG_NF_CT_NETLINK_MODULE)
384 383
385#include <linux/netfilter/nfnetlink.h> 384#include <linux/netfilter/nfnetlink.h>
386#include <linux/netfilter/nfnetlink_conntrack.h> 385#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -435,8 +434,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = {
435 .print_conntrack = ipv4_print_conntrack, 434 .print_conntrack = ipv4_print_conntrack,
436 .prepare = ipv4_prepare, 435 .prepare = ipv4_prepare,
437 .get_features = ipv4_get_features, 436 .get_features = ipv4_get_features,
438#if defined(CONFIG_NF_CT_NETLINK) || \ 437#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
439 defined(CONFIG_NF_CT_NETLINK_MODULE)
440 .tuple_to_nfattr = ipv4_tuple_to_nfattr, 438 .tuple_to_nfattr = ipv4_tuple_to_nfattr,
441 .nfattr_to_tuple = ipv4_nfattr_to_tuple, 439 .nfattr_to_tuple = ipv4_nfattr_to_tuple,
442#endif 440#endif
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 88cfa6aacfc1..5fd1e5363c1a 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -268,8 +268,7 @@ icmp_error(struct sk_buff *skb, unsigned int dataoff,
268 return icmp_error_message(skb, ctinfo, hooknum); 268 return icmp_error_message(skb, ctinfo, hooknum);
269} 269}
270 270
271#if defined(CONFIG_NF_CT_NETLINK) || \ 271#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
272 defined(CONFIG_NF_CT_NETLINK_MODULE)
273 272
274#include <linux/netfilter/nfnetlink.h> 273#include <linux/netfilter/nfnetlink.h>
275#include <linux/netfilter/nfnetlink_conntrack.h> 274#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -368,8 +367,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp =
368 .error = icmp_error, 367 .error = icmp_error,
369 .destroy = NULL, 368 .destroy = NULL,
370 .me = NULL, 369 .me = NULL,
371#if defined(CONFIG_NF_CT_NETLINK) || \ 370#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
372 defined(CONFIG_NF_CT_NETLINK_MODULE)
373 .tuple_to_nfattr = icmp_tuple_to_nfattr, 371 .tuple_to_nfattr = icmp_tuple_to_nfattr,
374 .nfattr_to_tuple = icmp_nfattr_to_tuple, 372 .nfattr_to_tuple = icmp_nfattr_to_tuple,
375#endif 373#endif
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index 2c01378d3592..452e9d326684 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -546,8 +546,7 @@ void nf_nat_protocol_unregister(struct nf_nat_protocol *proto)
546} 546}
547EXPORT_SYMBOL(nf_nat_protocol_unregister); 547EXPORT_SYMBOL(nf_nat_protocol_unregister);
548 548
549#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ 549#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
550 defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
551int 550int
552nf_nat_port_range_to_nfattr(struct sk_buff *skb, 551nf_nat_port_range_to_nfattr(struct sk_buff *skb,
553 const struct nf_nat_range *range) 552 const struct nf_nat_range *range)
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c
index d3de579e09d2..e5a34c17d927 100644
--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -152,8 +152,7 @@ static struct nf_nat_protocol gre __read_mostly = {
152 .manip_pkt = gre_manip_pkt, 152 .manip_pkt = gre_manip_pkt,
153 .in_range = gre_in_range, 153 .in_range = gre_in_range,
154 .unique_tuple = gre_unique_tuple, 154 .unique_tuple = gre_unique_tuple,
155#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ 155#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
156 defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
157 .range_to_nfattr = nf_nat_port_range_to_nfattr, 156 .range_to_nfattr = nf_nat_port_range_to_nfattr,
158 .nfattr_to_range = nf_nat_port_nfattr_to_range, 157 .nfattr_to_range = nf_nat_port_nfattr_to_range,
159#endif 158#endif
diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c
index 6bc2f06de055..f71ef9b5f428 100644
--- a/net/ipv4/netfilter/nf_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c
@@ -78,8 +78,7 @@ struct nf_nat_protocol nf_nat_protocol_icmp = {
78 .manip_pkt = icmp_manip_pkt, 78 .manip_pkt = icmp_manip_pkt,
79 .in_range = icmp_in_range, 79 .in_range = icmp_in_range,
80 .unique_tuple = icmp_unique_tuple, 80 .unique_tuple = icmp_unique_tuple,
81#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ 81#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
82 defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
83 .range_to_nfattr = nf_nat_port_range_to_nfattr, 82 .range_to_nfattr = nf_nat_port_range_to_nfattr,
84 .nfattr_to_range = nf_nat_port_nfattr_to_range, 83 .nfattr_to_range = nf_nat_port_nfattr_to_range,
85#endif 84#endif
diff --git a/net/ipv4/netfilter/nf_nat_proto_tcp.c b/net/ipv4/netfilter/nf_nat_proto_tcp.c
index 439164c7a626..123c95913f28 100644
--- a/net/ipv4/netfilter/nf_nat_proto_tcp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_tcp.c
@@ -144,8 +144,7 @@ struct nf_nat_protocol nf_nat_protocol_tcp = {
144 .manip_pkt = tcp_manip_pkt, 144 .manip_pkt = tcp_manip_pkt,
145 .in_range = tcp_in_range, 145 .in_range = tcp_in_range,
146 .unique_tuple = tcp_unique_tuple, 146 .unique_tuple = tcp_unique_tuple,
147#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ 147#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
148 defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
149 .range_to_nfattr = nf_nat_port_range_to_nfattr, 148 .range_to_nfattr = nf_nat_port_range_to_nfattr,
150 .nfattr_to_range = nf_nat_port_nfattr_to_range, 149 .nfattr_to_range = nf_nat_port_nfattr_to_range,
151#endif 150#endif
diff --git a/net/ipv4/netfilter/nf_nat_proto_udp.c b/net/ipv4/netfilter/nf_nat_proto_udp.c
index 8cae6e063bb6..1c4c70e25cd4 100644
--- a/net/ipv4/netfilter/nf_nat_proto_udp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_udp.c
@@ -134,8 +134,7 @@ struct nf_nat_protocol nf_nat_protocol_udp = {
134 .manip_pkt = udp_manip_pkt, 134 .manip_pkt = udp_manip_pkt,
135 .in_range = udp_in_range, 135 .in_range = udp_in_range,
136 .unique_tuple = udp_unique_tuple, 136 .unique_tuple = udp_unique_tuple,
137#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ 137#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
138 defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
139 .range_to_nfattr = nf_nat_port_range_to_nfattr, 138 .range_to_nfattr = nf_nat_port_range_to_nfattr,
140 .nfattr_to_range = nf_nat_port_nfattr_to_range, 139 .nfattr_to_range = nf_nat_port_nfattr_to_range,
141#endif 140#endif
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index 0b2d265e7da7..1c405dd30c67 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -15,6 +15,7 @@ int ip6_route_me_harder(struct sk_buff *skb)
15 struct dst_entry *dst; 15 struct dst_entry *dst;
16 struct flowi fl = { 16 struct flowi fl = {
17 .oif = skb->sk ? skb->sk->sk_bound_dev_if : 0, 17 .oif = skb->sk ? skb->sk->sk_bound_dev_if : 0,
18 .mark = skb->mark,
18 .nl_u = 19 .nl_u =
19 { .ip6_u = 20 { .ip6_u =
20 { .daddr = iph->daddr, 21 { .daddr = iph->daddr,
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 4b7be4bb4d03..6f19c4a49560 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -353,8 +353,7 @@ static ctl_table nf_ct_ipv6_sysctl_table[] = {
353}; 353};
354#endif 354#endif
355 355
356#if defined(CONFIG_NF_CT_NETLINK) || \ 356#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
357 defined(CONFIG_NF_CT_NETLINK_MODULE)
358 357
359#include <linux/netfilter/nfnetlink.h> 358#include <linux/netfilter/nfnetlink.h>
360#include <linux/netfilter/nfnetlink_conntrack.h> 359#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -403,8 +402,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = {
403 .print_tuple = ipv6_print_tuple, 402 .print_tuple = ipv6_print_tuple,
404 .print_conntrack = ipv6_print_conntrack, 403 .print_conntrack = ipv6_print_conntrack,
405 .prepare = ipv6_prepare, 404 .prepare = ipv6_prepare,
406#if defined(CONFIG_NF_CT_NETLINK) || \ 405#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
407 defined(CONFIG_NF_CT_NETLINK_MODULE)
408 .tuple_to_nfattr = ipv6_tuple_to_nfattr, 406 .tuple_to_nfattr = ipv6_tuple_to_nfattr,
409 .nfattr_to_tuple = ipv6_nfattr_to_tuple, 407 .nfattr_to_tuple = ipv6_nfattr_to_tuple,
410#endif 408#endif
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 21f19cc719f3..075da4f287b8 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -244,8 +244,7 @@ icmpv6_error(struct sk_buff *skb, unsigned int dataoff,
244 return icmpv6_error_message(skb, dataoff, ctinfo, hooknum); 244 return icmpv6_error_message(skb, dataoff, ctinfo, hooknum);
245} 245}
246 246
247#if defined(CONFIG_NF_CT_NETLINK) || \ 247#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
248 defined(CONFIG_NF_CT_NETLINK_MODULE)
249 248
250#include <linux/netfilter/nfnetlink.h> 249#include <linux/netfilter/nfnetlink.h>
251#include <linux/netfilter/nfnetlink_conntrack.h> 250#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -327,8 +326,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 =
327 .packet = icmpv6_packet, 326 .packet = icmpv6_packet,
328 .new = icmpv6_new, 327 .new = icmpv6_new,
329 .error = icmpv6_error, 328 .error = icmpv6_error,
330#if defined(CONFIG_NF_CT_NETLINK) || \ 329#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
331 defined(CONFIG_NF_CT_NETLINK_MODULE)
332 .tuple_to_nfattr = icmpv6_tuple_to_nfattr, 330 .tuple_to_nfattr = icmpv6_tuple_to_nfattr,
333 .nfattr_to_tuple = icmpv6_nfattr_to_tuple, 331 .nfattr_to_tuple = icmpv6_nfattr_to_tuple,
334#endif 332#endif
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 32891ebc9e68..b3a70eb6d42a 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -976,8 +976,7 @@ void __nf_ct_refresh_acct(struct nf_conn *ct,
976} 976}
977EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct); 977EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct);
978 978
979#if defined(CONFIG_NF_CT_NETLINK) || \ 979#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
980 defined(CONFIG_NF_CT_NETLINK_MODULE)
981 980
982#include <linux/netfilter/nfnetlink.h> 981#include <linux/netfilter/nfnetlink.h>
983#include <linux/netfilter/nfnetlink_conntrack.h> 982#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -1070,7 +1069,7 @@ get_next_corpse(int (*iter)(struct nf_conn *i, void *data),
1070 list_for_each_entry(h, &unconfirmed, list) { 1069 list_for_each_entry(h, &unconfirmed, list) {
1071 ct = nf_ct_tuplehash_to_ctrack(h); 1070 ct = nf_ct_tuplehash_to_ctrack(h);
1072 if (iter(ct, data)) 1071 if (iter(ct, data))
1073 goto found; 1072 set_bit(IPS_DYING_BIT, &ct->status);
1074 } 1073 }
1075 write_unlock_bh(&nf_conntrack_lock); 1074 write_unlock_bh(&nf_conntrack_lock);
1076 return NULL; 1075 return NULL;
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index ac193ce70249..5434472420fe 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -281,8 +281,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_gre4 = {
281 .new = gre_new, 281 .new = gre_new,
282 .destroy = gre_destroy, 282 .destroy = gre_destroy,
283 .me = THIS_MODULE, 283 .me = THIS_MODULE,
284#if defined(CONFIG_NF_CONNTRACK_NETLINK) || \ 284#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
285 defined(CONFIG_NF_CONNTRACK_NETLINK_MODULE)
286 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr, 285 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
287 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple, 286 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
288#endif 287#endif
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index 069b85ca51cd..153d6619993a 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -769,8 +769,10 @@ EXPORT_SYMBOL_GPL(nf_conntrack_tcp_update);
769static u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] = 769static u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] =
770{ 770{
771 [TH_SYN] = 1, 771 [TH_SYN] = 1,
772 [TH_SYN|TH_ACK] = 1,
773 [TH_SYN|TH_PUSH] = 1, 772 [TH_SYN|TH_PUSH] = 1,
773 [TH_SYN|TH_URG] = 1,
774 [TH_SYN|TH_PUSH|TH_URG] = 1,
775 [TH_SYN|TH_ACK] = 1,
774 [TH_SYN|TH_ACK|TH_PUSH] = 1, 776 [TH_SYN|TH_ACK|TH_PUSH] = 1,
775 [TH_RST] = 1, 777 [TH_RST] = 1,
776 [TH_RST|TH_ACK] = 1, 778 [TH_RST|TH_ACK] = 1,
@@ -1099,8 +1101,7 @@ static int tcp_new(struct nf_conn *conntrack,
1099 return 1; 1101 return 1;
1100} 1102}
1101 1103
1102#if defined(CONFIG_NF_CT_NETLINK) || \ 1104#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
1103 defined(CONFIG_NF_CT_NETLINK_MODULE)
1104 1105
1105#include <linux/netfilter/nfnetlink.h> 1106#include <linux/netfilter/nfnetlink.h>
1106#include <linux/netfilter/nfnetlink_conntrack.h> 1107#include <linux/netfilter/nfnetlink_conntrack.h>
@@ -1378,8 +1379,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 =
1378 .packet = tcp_packet, 1379 .packet = tcp_packet,
1379 .new = tcp_new, 1380 .new = tcp_new,
1380 .error = tcp_error, 1381 .error = tcp_error,
1381#if defined(CONFIG_NF_CT_NETLINK) || \ 1382#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
1382 defined(CONFIG_NF_CT_NETLINK_MODULE)
1383 .to_nfattr = tcp_to_nfattr, 1383 .to_nfattr = tcp_to_nfattr,
1384 .from_nfattr = nfattr_to_tcp, 1384 .from_nfattr = nfattr_to_tcp,
1385 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr, 1385 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
@@ -1408,8 +1408,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 =
1408 .packet = tcp_packet, 1408 .packet = tcp_packet,
1409 .new = tcp_new, 1409 .new = tcp_new,
1410 .error = tcp_error, 1410 .error = tcp_error,
1411#if defined(CONFIG_NF_CT_NETLINK) || \ 1411#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
1412 defined(CONFIG_NF_CT_NETLINK_MODULE)
1413 .to_nfattr = tcp_to_nfattr, 1412 .to_nfattr = tcp_to_nfattr,
1414 .from_nfattr = nfattr_to_tcp, 1413 .from_nfattr = nfattr_to_tcp,
1415 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr, 1414 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index d0a1cee7ee52..a5e5726ec0c7 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -208,8 +208,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 =
208 .packet = udp_packet, 208 .packet = udp_packet,
209 .new = udp_new, 209 .new = udp_new,
210 .error = udp_error, 210 .error = udp_error,
211#if defined(CONFIG_NF_CT_NETLINK) || \ 211#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
212 defined(CONFIG_NF_CT_NETLINK_MODULE)
213 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr, 212 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
214 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple, 213 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
215#endif 214#endif
@@ -236,8 +235,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 =
236 .packet = udp_packet, 235 .packet = udp_packet,
237 .new = udp_new, 236 .new = udp_new,
238 .error = udp_error, 237 .error = udp_error,
239#if defined(CONFIG_NF_CT_NETLINK) || \ 238#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
240 defined(CONFIG_NF_CT_NETLINK_MODULE)
241 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr, 239 .tuple_to_nfattr = nf_ct_port_tuple_to_nfattr,
242 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple, 240 .nfattr_to_tuple = nf_ct_port_nfattr_to_tuple,
243#endif 241#endif
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index b8eab0dbc3dd..91a0972ec117 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -133,6 +133,7 @@ instance_put(struct nfulnl_instance *inst)
133 if (inst && atomic_dec_and_test(&inst->use)) { 133 if (inst && atomic_dec_and_test(&inst->use)) {
134 UDEBUG("kfree(inst=%p)\n", inst); 134 UDEBUG("kfree(inst=%p)\n", inst);
135 kfree(inst); 135 kfree(inst);
136 module_put(THIS_MODULE);
136 } 137 }
137} 138}
138 139
@@ -217,6 +218,9 @@ _instance_destroy2(struct nfulnl_instance *inst, int lock)
217 218
218 spin_lock_bh(&inst->lock); 219 spin_lock_bh(&inst->lock);
219 if (inst->skb) { 220 if (inst->skb) {
221 /* timer "holds" one reference (we have one more) */
222 if (del_timer(&inst->timer))
223 instance_put(inst);
220 if (inst->qlen) 224 if (inst->qlen)
221 __nfulnl_send(inst); 225 __nfulnl_send(inst);
222 if (inst->skb) { 226 if (inst->skb) {
@@ -228,8 +232,6 @@ _instance_destroy2(struct nfulnl_instance *inst, int lock)
228 232
229 /* and finally put the refcount */ 233 /* and finally put the refcount */
230 instance_put(inst); 234 instance_put(inst);
231
232 module_put(THIS_MODULE);
233} 235}
234 236
235static inline void 237static inline void
@@ -363,9 +365,6 @@ __nfulnl_send(struct nfulnl_instance *inst)
363{ 365{
364 int status; 366 int status;
365 367
366 if (timer_pending(&inst->timer))
367 del_timer(&inst->timer);
368
369 if (!inst->skb) 368 if (!inst->skb)
370 return 0; 369 return 0;
371 370
@@ -393,8 +392,8 @@ static void nfulnl_timer(unsigned long data)
393 392
394 spin_lock_bh(&inst->lock); 393 spin_lock_bh(&inst->lock);
395 __nfulnl_send(inst); 394 __nfulnl_send(inst);
396 instance_put(inst);
397 spin_unlock_bh(&inst->lock); 395 spin_unlock_bh(&inst->lock);
396 instance_put(inst);
398} 397}
399 398
400/* This is an inline function, we don't really care about a long 399/* This is an inline function, we don't really care about a long
@@ -560,6 +559,7 @@ __build_packet_message(struct nfulnl_instance *inst,
560 } 559 }
561 560
562 nlh->nlmsg_len = inst->skb->tail - old_tail; 561 nlh->nlmsg_len = inst->skb->tail - old_tail;
562 inst->lastnlh = nlh;
563 return 0; 563 return 0;
564 564
565nlmsg_failure: 565nlmsg_failure:
@@ -689,6 +689,9 @@ nfulnl_log_packet(unsigned int pf,
689 * enough room in the skb left. flush to userspace. */ 689 * enough room in the skb left. flush to userspace. */
690 UDEBUG("flushing old skb\n"); 690 UDEBUG("flushing old skb\n");
691 691
692 /* timer "holds" one reference (we have another one) */
693 if (del_timer(&inst->timer))
694 instance_put(inst);
692 __nfulnl_send(inst); 695 __nfulnl_send(inst);
693 696
694 if (!(inst->skb = nfulnl_alloc_skb(nlbufsiz, size))) { 697 if (!(inst->skb = nfulnl_alloc_skb(nlbufsiz, size))) {
@@ -711,15 +714,16 @@ nfulnl_log_packet(unsigned int pf,
711 inst->timer.expires = jiffies + (inst->flushtimeout*HZ/100); 714 inst->timer.expires = jiffies + (inst->flushtimeout*HZ/100);
712 add_timer(&inst->timer); 715 add_timer(&inst->timer);
713 } 716 }
714 spin_unlock_bh(&inst->lock);
715 717
718unlock_and_release:
719 spin_unlock_bh(&inst->lock);
720 instance_put(inst);
716 return; 721 return;
717 722
718alloc_failure: 723alloc_failure:
719 spin_unlock_bh(&inst->lock);
720 instance_put(inst);
721 UDEBUG("error allocating skb\n"); 724 UDEBUG("error allocating skb\n");
722 /* FIXME: statistics */ 725 /* FIXME: statistics */
726 goto unlock_and_release;
723} 727}
724 728
725static int 729static int
@@ -856,6 +860,9 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
856 ret = -EINVAL; 860 ret = -EINVAL;
857 break; 861 break;
858 } 862 }
863
864 if (!inst)
865 goto out;
859 } else { 866 } else {
860 if (!inst) { 867 if (!inst) {
861 UDEBUG("no config command, and no instance for " 868 UDEBUG("no config command, and no instance for "
@@ -909,6 +916,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
909 916
910out_put: 917out_put:
911 instance_put(inst); 918 instance_put(inst);
919out:
912 return ret; 920 return ret;
913} 921}
914 922
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 51ca4383c388..606971645b33 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -934,7 +934,7 @@ static long unix_wait_for_peer(struct sock *other, long timeo)
934 934
935 sched = !sock_flag(other, SOCK_DEAD) && 935 sched = !sock_flag(other, SOCK_DEAD) &&
936 !(other->sk_shutdown & RCV_SHUTDOWN) && 936 !(other->sk_shutdown & RCV_SHUTDOWN) &&
937 (skb_queue_len(&other->sk_receive_queue) >= 937 (skb_queue_len(&other->sk_receive_queue) >
938 other->sk_max_ack_backlog); 938 other->sk_max_ack_backlog);
939 939
940 unix_state_runlock(other); 940 unix_state_runlock(other);
@@ -1008,7 +1008,7 @@ restart:
1008 if (other->sk_state != TCP_LISTEN) 1008 if (other->sk_state != TCP_LISTEN)
1009 goto out_unlock; 1009 goto out_unlock;
1010 1010
1011 if (skb_queue_len(&other->sk_receive_queue) >= 1011 if (skb_queue_len(&other->sk_receive_queue) >
1012 other->sk_max_ack_backlog) { 1012 other->sk_max_ack_backlog) {
1013 err = -EAGAIN; 1013 err = -EAGAIN;
1014 if (!timeo) 1014 if (!timeo)
@@ -1381,7 +1381,7 @@ restart:
1381 } 1381 }
1382 1382
1383 if (unix_peer(other) != sk && 1383 if (unix_peer(other) != sk &&
1384 (skb_queue_len(&other->sk_receive_queue) >= 1384 (skb_queue_len(&other->sk_receive_queue) >
1385 other->sk_max_ack_backlog)) { 1385 other->sk_max_ack_backlog)) {
1386 if (!timeo) { 1386 if (!timeo) {
1387 err = -EAGAIN; 1387 err = -EAGAIN;
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-15 15:40:31 -0500