All of lore.kernel.org
 help / color / mirror / Atom feed
From: Patrick McHardy <kaber@trash.net>
To: Deti Fliegl <deti@fliegl.de>
Cc: netfilter-devel@lists.netfilter.org, pablo@eurodev.net,
	romary@nikoon.com,
	Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
Subject: Re: problem with conntrack utility and kernel 2.6.14
Date: Sun, 04 Dec 2005 20:56:14 +0100	[thread overview]
Message-ID: <439349DE.3060706@trash.net> (raw)
In-Reply-To: <4393390C.4080301@fliegl.de>

[-- Attachment #1: Type: text/plain, Size: 189 bytes --]

Deti Fliegl wrote:
> Latest test was done with linux-2.6.15-rc5 which already contains this 
> patch.
> 
> And here comes your oops...

Found it (I hope) :)

Can you try this patch please?

[-- Attachment #2: x --]
[-- Type: text/plain, Size: 1411 bytes --]

[NETFILTER]: Fix unbalanced read_unlock_bh in ctnetlink

NFA_NEST calls NFA_PUT which jumps to nfattr_failure if the skb has no
room left. We call read_unlock_bh at nfattr_failure for the NFA_PUT inside
the locked section, so move NFA_NEST inside the locked section too.

Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit cd85228eea7c7ab9d701090e3dc9643397cf271d
tree e3fa7a6a24c5b199d311a9f74c312fee3b18eae7
parent 96c75906027f008ed3a4058a606938901e9c6d99
author Patrick McHardy <kaber@trash.net> Sun, 04 Dec 2005 20:56:05 +0100
committer Patrick McHardy <kaber@trash.net> Sun, 04 Dec 2005 20:56:05 +0100

 net/ipv4/netfilter/ip_conntrack_proto_tcp.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
index aeb7353..e7fa29e 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -341,9 +341,10 @@ static int tcp_print_conntrack(struct se
 static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa,
 			 const struct ip_conntrack *ct)
 {
-	struct nfattr *nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP);
+	struct nfattr *nest_parms;
 	
 	read_lock_bh(&tcp_lock);
+	nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP);
 	NFA_PUT(skb, CTA_PROTOINFO_TCP_STATE, sizeof(u_int8_t),
 		&ct->proto.tcp.state);
 	read_unlock_bh(&tcp_lock);

  reply	other threads:[~2005-12-04 19:56 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-28  9:08 problem with conntrack utility and kernel 2.6.14 Deti Fliegl
2005-10-28  9:26 ` Pablo Neira
2005-10-28  9:26   ` Deti Fliegl
2005-10-28 10:01 ` Pablo Neira
2005-10-28 11:48   ` Deti Fliegl
2005-10-28 19:22     ` Pablo Neira
2005-10-28 19:53       ` Deti Fliegl
2005-10-29 13:06         ` Pablo Neira
2005-10-29 15:34           ` Deti Fliegl
2005-10-29 18:35             ` Pablo Neira
2005-10-29 15:44           ` Deti Fliegl
2005-10-31  4:41             ` Pablo Neira
2005-10-31  8:28               ` Krzysztof Oledzki
2005-11-01  1:09                 ` Pablo Neira
2005-11-01 10:29                   ` Krzysztof Oledzki
2005-11-01 13:55                     ` Pablo Neira
2005-11-01 15:17                       ` Krzysztof Oledzki
2005-11-01 16:39                         ` Pablo Neira
2005-11-01 18:49                           ` Krzysztof Oledzki
2005-11-01 19:27                             ` Pablo Neira
2005-11-01 19:39                               ` Krzysztof Oledzki
2005-11-01 20:07                             ` Pablo Neira
2005-11-01 20:21                               ` Krzysztof Oledzki
2005-11-02 16:04                                 ` Pablo Neira
2005-10-31 11:10               ` Deti Fliegl
2005-12-04  2:14         ` Pablo Neira Ayuso
2005-12-04 16:09           ` Patrick McHardy
2005-12-04 16:53             ` Deti Fliegl
2005-12-04 17:10           ` Yasuyuki KOZAKAI
2005-12-04 18:44             ` Deti Fliegl
2005-12-04 19:56               ` Patrick McHardy [this message]
2005-12-05  5:51                 ` Yasuyuki KOZAKAI
2005-12-15 12:49               ` problem with conntrack utility and kernel 2.6.14 - still with 2.6.14.4 Deti Fliegl
2005-12-15 13:05                 ` Pablo Neira Ayuso
2005-12-15 17:21                 ` Krzysztof Oledzki
     [not found]           ` <200512041004.37192.romary@nikoon.com>
2005-12-04 20:04             ` Major problem with conntrack utility and kernel 2.6.14.3 Patrick McHardy
2005-12-04 23:08               ` Deti Fliegl
2005-12-05 10:24               ` Krzysztof Oledzki
2005-12-05 15:17                 ` Patrick McHardy
2005-10-28 13:39   ` problem with conntrack utility and kernel 2.6.14 Deti Fliegl

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=439349DE.3060706@trash.net \
    --to=kaber@trash.net \
    --cc=deti@fliegl.de \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=pablo@eurodev.net \
    --cc=romary@nikoon.com \
    --cc=yasuyuki.kozakai@toshiba.co.jp \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.