From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756007AbYJBNY2 (ORCPT ); Thu, 2 Oct 2008 09:24:28 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754881AbYJBNTg (ORCPT ); Thu, 2 Oct 2008 09:19:36 -0400 Received: from casper.infradead.org ([85.118.1.10]:54832 "EHLO casper.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754850AbYJBNT1 (ORCPT ); Thu, 2 Oct 2008 09:19:27 -0400 Message-Id: <20081002131609.424438287@chello.nl> References: <20081002130504.927878499@chello.nl> User-Agent: quilt/0.46-1 Date: Thu, 02 Oct 2008 15:05:28 +0200 From: Peter Zijlstra To: Linus Torvalds , Andrew Morton , linux-kernel@vger.kernel.org, linux-mm@kvack.org, netdev@vger.kernel.org, trond.myklebust@fys.uio.no, Daniel Lezcano , Pekka Enberg , Peter Zijlstra , Neil Brown , David Miller Subject: [PATCH 24/32] netfilter: NF_QUEUE vs emergency skbs Content-Disposition: inline; filename=emergency-nf_queue.patch X-Bad-Reply: References but no 'Re:' in Subject. Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Avoid memory getting stuck waiting for userspace, drop all emergency packets. This of course requires the regular storage route to not include an NF_QUEUE target ;-) Signed-off-by: Peter Zijlstra --- net/netfilter/core.c | 3 +++ 1 file changed, 3 insertions(+) Index: linux-2.6/net/netfilter/core.c =================================================================== --- linux-2.6.orig/net/netfilter/core.c +++ linux-2.6/net/netfilter/core.c @@ -176,9 +176,12 @@ next_hook: ret = 1; goto unlock; } else if (verdict == NF_DROP) { +drop: kfree_skb(skb); ret = -EPERM; } else if ((verdict & NF_VERDICT_MASK) == NF_QUEUE) { + if (skb_emergency(*pskb)) + goto drop; if (!nf_queue(skb, elem, pf, hook, indev, outdev, okfn, verdict >> NF_VERDICT_BITS)) goto next_hook; -- From mboxrd@z Thu Jan 1 00:00:00 1970 Message-Id: <20081002131609.424438287@chello.nl> References: <20081002130504.927878499@chello.nl> Date: Thu, 02 Oct 2008 15:05:28 +0200 From: Peter Zijlstra Subject: [PATCH 24/32] netfilter: NF_QUEUE vs emergency skbs Content-Disposition: inline; filename=emergency-nf_queue.patch Sender: owner-linux-mm@kvack.org Return-Path: To: Linus Torvalds , Andrew Morton , linux-kernel@vger.kernel.org, linux-mm@kvack.org, netdev@vger.kernel.org, trond.myklebust@fys.uio.no, Daniel Lezcano , Pekka Enberg , Peter Zijlstra , Neil Brown , David Miller List-ID: Avoid memory getting stuck waiting for userspace, drop all emergency packets. This of course requires the regular storage route to not include an NF_QUEUE target ;-) Signed-off-by: Peter Zijlstra --- net/netfilter/core.c | 3 +++ 1 file changed, 3 insertions(+) Index: linux-2.6/net/netfilter/core.c =================================================================== --- linux-2.6.orig/net/netfilter/core.c +++ linux-2.6/net/netfilter/core.c @@ -176,9 +176,12 @@ next_hook: ret = 1; goto unlock; } else if (verdict == NF_DROP) { +drop: kfree_skb(skb); ret = -EPERM; } else if ((verdict & NF_VERDICT_MASK) == NF_QUEUE) { + if (skb_emergency(*pskb)) + goto drop; if (!nf_queue(skb, elem, pf, hook, indev, outdev, okfn, verdict >> NF_VERDICT_BITS)) goto next_hook; -- -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org