[thirdparty/kernel/stable-queue.git] / releases / 2.6.27.36 / netfilter-bridge-refcount-fix.patch

From kaber@trash.net  Thu Oct  1 13:35:28 2009
From: Patrick McHardy <kaber@trash.net>
Date: Thu, 17 Sep 2009 13:58:29 +0200 (MEST)
Subject: netfilter: bridge: refcount fix
To: stable@kernel.org
Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
Message-ID: <20090917115827.12728.41214.sendpatchset@x2.localnet>


From: Patrick McHardy <kaber@trash.net>

netfilter: bridge: refcount fix

Upstream commit f3abc9b9:

commit f216f082b2b37c4943f1e7c393e2786648d48f6f
([NETFILTER]: bridge netfilter: deal with martians correctly)
added a refcount leak on in_dev.

Instead of using in_dev_get(), we can use __in_dev_get_rcu(),
as netfilter hooks are running under rcu_read_lock(), as pointed
by Patrick.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

---
 net/bridge/br_netfilter.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -358,7 +358,7 @@ static int br_nf_pre_routing_finish(stru
 				},
 				.proto = 0,
 			};
-			struct in_device *in_dev = in_dev_get(dev);
+			struct in_device *in_dev = __in_dev_get_rcu(dev);
 
 			/* If err equals -EHOSTUNREACH the error is due to a
 			 * martian destination or due to the fact that
Commit	Line	Data
ef101263 GKH	1	From kaber@trash.net Thu Oct 1 13:35:28 2009
	2	From: Patrick McHardy <kaber@trash.net>
	3	Date: Thu, 17 Sep 2009 13:58:29 +0200 (MEST)
	4	Subject: netfilter: bridge: refcount fix
	5	To: stable@kernel.org
	6	Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
	7	Message-ID: <20090917115827.12728.41214.sendpatchset@x2.localnet>
	8
	9
	10	From: Patrick McHardy <kaber@trash.net>
	11
	12	netfilter: bridge: refcount fix
	13
	14	Upstream commit f3abc9b9:
	15
	16	commit f216f082b2b37c4943f1e7c393e2786648d48f6f
	17	([NETFILTER]: bridge netfilter: deal with martians correctly)
	18	added a refcount leak on in_dev.
	19
	20	Instead of using in_dev_get(), we can use __in_dev_get_rcu(),
	21	as netfilter hooks are running under rcu_read_lock(), as pointed
	22	by Patrick.
	23
	24	Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
	25	Signed-off-by: Patrick McHardy <kaber@trash.net>
	26	Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
	27
	28	---
	29	net/bridge/br_netfilter.c \| 2 +-
	30	1 file changed, 1 insertion(+), 1 deletion(-)
	31
	32	--- a/net/bridge/br_netfilter.c
	33	+++ b/net/bridge/br_netfilter.c
	34	@@ -358,7 +358,7 @@ static int br_nf_pre_routing_finish(stru
	35	},
	36	.proto = 0,
	37	};
	38	- struct in_device *in_dev = in_dev_get(dev);
	39	+ struct in_device *in_dev = __in_dev_get_rcu(dev);
	40
	41	/* If err equals -EHOSTUNREACH the error is due to a
	42	* martian destination or due to the fact that