From mboxrd@z Thu Jan 1 00:00:00 1970 From: Greg Kroah-Hartman Subject: [patch 04/19] [NETFILTER]: Fix unbalanced read_unlock_bh in ctnetlink Date: Fri, 23 Dec 2005 14:47:50 -0800 Message-ID: <20051223224750.GD19057@kroah.com> References: <20051223221200.342826000@press.kroah.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Justin Forbes , Zwane Mwaikambo , "Theodore Ts'o" , Randy Dunlap , Dave Jones , Chuck Wolber , torvalds@osdl.org, akpm@osdl.org, alan@lxorguk.ukuu.org.uk, Harald Welte , Pablo Neira , Netfilter Development Mailinglist , Krzysztof Oledzki , kaber@trash.net, davem@davemloft.net Return-path: To: linux-kernel@vger.kernel.org, stable@kernel.org Content-Disposition: inline; filename="fix-unbalanced-read_unlock_bh-in-ctnetlink.patch" In-Reply-To: <20051223224712.GA18975@kroah.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: netfilter-devel.vger.kernel.org -stable review patch. If anyone has any objections, please let us know. ------------------ From: Patrick McHardy NFA_NEST calls NFA_PUT which jumps to nfattr_failure if the skb has no room left. We call read_unlock_bh at nfattr_failure for the NFA_PUT inside the locked section, so move NFA_NEST inside the locked section too. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller Signed-off-by: Krzysztof Piotr Oledzki Signed-off-by: Greg Kroah-Hartman --- net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- linux-2.6.14.4.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ linux-2.6.14.4/net/ipv4/netfilter/ip_conntrack_proto_tcp.c @@ -341,9 +341,10 @@ static int tcp_print_conntrack(struct se static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa, const struct ip_conntrack *ct) { - struct nfattr *nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP); + struct nfattr *nest_parms; read_lock_bh(&tcp_lock); + nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP); NFA_PUT(skb, CTA_PROTOINFO_TCP_STATE, sizeof(u_int8_t), &ct->proto.tcp.state); read_unlock_bh(&tcp_lock); --