aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2011-01-24 13:01:07 -0500
committerPatrick McHardy <kaber@trash.net>2011-01-24 13:01:07 -0500
commitc71caf4114a0e1da3451cc92fba6a152929cd4c2 (patch)
treea80b6b3cfe4d3a9ea74316ec5a2d68a66ca67ddc /net
parentb30532515f0a62bfe17207ab00883dd262497006 (diff)
netfilter: ctnetlink: fix missing refcount increment during dumps
In 13ee6ac netfilter: fix race in conntrack between dump_table and destroy, we recovered spinlocks to protect the dump of the conntrack table according to reports from Stephen and acknowledgments on the issue from Eric. In that patch, the refcount bump that allows to keep a reference to the current ct object was removed. However, we still decrement the refcount for that object in the output path of ctnetlink_dump_table(): if (last) nf_ct_put(last) Cc: Stephen Hemminger <stephen.hemminger@vyatta.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_conntrack_netlink.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 93297aaceb2b..eead9db6f899 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -667,6 +667,7 @@ restart:
667 if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, 667 if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
668 cb->nlh->nlmsg_seq, 668 cb->nlh->nlmsg_seq,
669 IPCTNL_MSG_CT_NEW, ct) < 0) { 669 IPCTNL_MSG_CT_NEW, ct) < 0) {
670 nf_conntrack_get(&ct->ct_general);
670 cb->args[1] = (unsigned long)ct; 671 cb->args[1] = (unsigned long)ct;
671 goto out; 672 goto out;
672 } 673 }