Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v2.6.26 2008-06-17T22:51:47Z 2008-06-17T22:51:47Z Patrick McHardy kaber@trash.net 2008-06-17T22:51:47Z urn:sha1:68b80f11380889996aa7eadba29dbbb5c29a5864 Fix three ct_extend/NAT extension related races: - When cleaning up the extension area and removing it from the bysource hash, the nat->ct pointer must not be set to NULL since it may still be used in a RCU read side - When replacing a NAT extension area in the bysource hash, the nat->ct pointer must be assigned before performing the replacement - When reallocating extension storage in ct_extend, the old memory must not be freed immediately since it may still be used by a RCU read side Possibly fixes https://bugzilla.redhat.com/show_bug.cgi?id=449315 and/or http://bugzilla.kernel.org/show_bug.cgi?id=10875 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2008-04-29T10:35:10Z Philip Craig philipc@snapgear.com 2008-04-29T10:35:10Z urn:sha1:443a70d50bdc212e1292778e264ce3d0a85b896f commit 0794935e "[NETFILTER]: nf_conntrack: optimize hash_conntrack()" results in ARM platforms hashing uninitialised padding. This padding doesn't exist on other architectures. Fix this by replacing NF_CT_TUPLE_U_BLANK() with memset() to ensure everything is initialised. There were only 4 bytes that NF_CT_TUPLE_U_BLANK() wasn't clearing anyway (or 12 bytes on ARM). Signed-off-by: Philip Craig <philipc@snapgear.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2008-04-14T09:15:54Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:54Z urn:sha1:3c9fba656a185cf56872a325e5594d9b4d4168ec Directly call IPv4 and IPv6 variants where the address family is easily known. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:53Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:53Z urn:sha1:f2ea825f483d5d78754ae813b6db63f8b74e9343 Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:53Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:53Z urn:sha1:5f2b4c9006fc667c4614f0b079efab3721f68316 Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:53Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:53Z urn:sha1:09f263cd39751cada63dec2dccc71e67c00bc38c Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:52Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:52Z urn:sha1:8ce8439a31f723f3aa28adf27fe8797a5678dde1 Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:52Z Jan Engelhardt jengelh@computergmbh.de 2008-04-14T09:15:52Z urn:sha1:9dbae7917899d78a094aceeb5062cd76efa89052 These functions are never called. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:52Z Patrick McHardy kaber@trash.net 2008-04-14T09:15:52Z urn:sha1:5e8fbe2ac8a3f1e34e7004c5750ef59bf9304f82 Add accessors for l3num and protonum and get rid of some overly long expressions. Signed-off-by: Patrick McHardy <kaber@trash.net> 2008-04-14T09:15:52Z Patrick McHardy kaber@trash.net 2008-04-14T09:15:52Z urn:sha1:dd13b010368f85dfa59364ba87bfe8ae930b2832 Connection tracking helpers (specifically FTP) need to be called before NAT sequence numbers adjustments are performed to be able to compare them against previously seen ones. We've introduced two new hooks around 2.6.11 to maintain this ordering when NAT modules were changed to get called from conntrack helpers directly. The cost of netfilter hooks is quite high and sequence number adjustments are only rarely needed however. Add a RCU-protected sequence number adjustment function pointer and call it from IPv4 conntrack after calling the helper. Signed-off-by: Patrick McHardy <kaber@trash.net>