1. 20 Jul, 2009 13 commits
  2. 17 Jul, 2009 22 commits
  3. 16 Jul, 2009 2 commits
    • Eric Dumazet's avatar
      netfilter: nf_conntrack: nf_conntrack_alloc() fixes · 941297f4
      Eric Dumazet authored
      When a slab cache uses SLAB_DESTROY_BY_RCU, we must be careful when allocating
      objects, since slab allocator could give a freed object still used by lockless
      readers.
      
      In particular, nf_conntrack RCU lookups rely on ct->tuplehash[xxx].hnnode.next
      being always valid (ie containing a valid 'nulls' value, or a valid pointer to next
      object in hash chain.)
      
      kmem_cache_zalloc() setups object with NULL values, but a NULL value is not valid
      for ct->tuplehash[xxx].hnnode.next.
      
      Fix is to call kmem_cache_alloc() and do the zeroing ourself.
      
      As spotted by Patrick, we also need to make sure lookup keys are committed to
      memory before setting refcount to 1, or a lockless reader could get a reference
      on the old version of the object. Its key re-check could then pass the barrier.
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      941297f4
    • Patrick McHardy's avatar
      netfilter: xt_osf: fix nf_log_packet() arguments · aa6a03eb
      Patrick McHardy authored
      The first argument is the address family, the second one the hook
      number.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      aa6a03eb
  4. 15 Jul, 2009 3 commits