* [PATCH 5/7] Fix a deadlock in new_conntrack
@ 2005-08-01 17:05 Pablo Neira
2005-08-01 17:16 ` Patrick McHardy
0 siblings, 1 reply; 3+ messages in thread
From: Pablo Neira @ 2005-08-01 17:05 UTC (permalink / raw)
To: Netfilter Development Mailinglist; +Cc: Harald Welte
[-- Attachment #1: Type: text/plain, Size: 80 bytes --]
Fix a deadlock during conntrack creation. ip_conntrack_lock is unlocked
twice.
[-- Attachment #2: 05fix-deadlock.patch --]
[-- Type: text/x-patch, Size: 826 bytes --]
Index: netfilter-2.6.14/net/ipv4/netfilter/ip_conntrack_netlink.c
===================================================================
--- netfilter-2.6.14.orig/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-08-01 18:21:13.000000000 +0200
+++ netfilter-2.6.14/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-08-01 18:21:18.000000000 +0200
@@ -1094,13 +1094,12 @@
err = -ENOENT;
if (nlh->nlmsg_flags & NLM_F_CREATE)
err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
+ return err;
+ }
+ /* we only allow nat config for new conntracks */
+ if (cda[CTA_NAT-1]) {
+ err = -EINVAL;
goto out_unlock;
- } else {
- /* we only allow nat config for new conntracks */
- if (cda[CTA_NAT-1]) {
- err = -EINVAL;
- goto out_unlock;
- }
}
/* We manipulate the conntrack inside the global conntrack table lock,
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 5/7] Fix a deadlock in new_conntrack
2005-08-01 17:05 [PATCH 5/7] Fix a deadlock in new_conntrack Pablo Neira
@ 2005-08-01 17:16 ` Patrick McHardy
2005-08-01 17:21 ` Patrick McHardy
0 siblings, 1 reply; 3+ messages in thread
From: Patrick McHardy @ 2005-08-01 17:16 UTC (permalink / raw)
To: Pablo Neira; +Cc: Harald Welte, Netfilter Development Mailinglist
Pablo Neira wrote:
> Fix a deadlock during conntrack creation. ip_conntrack_lock is unlocked
> twice.
Please keep the exit paths at the end by adding a out: label.
> ------------------------------------------------------------------------
>
> Index: netfilter-2.6.14/net/ipv4/netfilter/ip_conntrack_netlink.c
> ===================================================================
> --- netfilter-2.6.14.orig/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-08-01 18:21:13.000000000 +0200
> +++ netfilter-2.6.14/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-08-01 18:21:18.000000000 +0200
> @@ -1094,13 +1094,12 @@
> err = -ENOENT;
> if (nlh->nlmsg_flags & NLM_F_CREATE)
> err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
> + return err;
> + }
> + /* we only allow nat config for new conntracks */
> + if (cda[CTA_NAT-1]) {
> + err = -EINVAL;
> goto out_unlock;
> - } else {
> - /* we only allow nat config for new conntracks */
> - if (cda[CTA_NAT-1]) {
> - err = -EINVAL;
> - goto out_unlock;
> - }
> }
>
> /* We manipulate the conntrack inside the global conntrack table lock,
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 5/7] Fix a deadlock in new_conntrack
2005-08-01 17:16 ` Patrick McHardy
@ 2005-08-01 17:21 ` Patrick McHardy
0 siblings, 0 replies; 3+ messages in thread
From: Patrick McHardy @ 2005-08-01 17:21 UTC (permalink / raw)
To: Pablo Neira; +Cc: Harald Welte, Netfilter Development Mailinglist
Patrick McHardy wrote:
> Pablo Neira wrote:
>
>>Fix a deadlock during conntrack creation. ip_conntrack_lock is unlocked
>>twice.
>
>
> Please keep the exit paths at the end by adding a out: label.
Don't bother, they aren't at the end right now :)
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-08-01 17:21 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-08-01 17:05 [PATCH 5/7] Fix a deadlock in new_conntrack Pablo Neira
2005-08-01 17:16 ` Patrick McHardy
2005-08-01 17:21 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.