.27 patch

author Greg Kroah-Hartman <gregkh@suse.de>

Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)

committer Greg Kroah-Hartman <gregkh@suse.de>

Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)
author Greg Kroah-Hartman <gregkh@suse.de>
Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)
committer Greg Kroah-Hartman <gregkh@suse.de>
Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)
diff --git a/queue-2.6.27/netfilter-bridge-refcount-fix.patch b/queue-2.6.27/netfilter-bridge-refcount-fix.patch

new file mode 100644 (file)

index 0000000..1c0f9b4
--- /dev/null
+++ b/queue-2.6.27/netfilter-bridge-refcount-fix.patch
@@ -0,0 +1,42 @@
+From kaber@trash.net  Thu Oct  1 13:35:28 2009
+From: Patrick McHardy <kaber@trash.net>
+Date: Thu, 17 Sep 2009 13:58:29 +0200 (MEST)
+Subject: netfilter: bridge: refcount fix
+To: stable@kernel.org
+Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy <kaber@trash.net>, davem@davemloft.net
+Message-ID: <20090917115827.12728.41214.sendpatchset@x2.localnet>
+
+
+From: Patrick McHardy <kaber@trash.net>
+
+netfilter: bridge: refcount fix
+
+Upstream commit f3abc9b9:
+
+commit f216f082b2b37c4943f1e7c393e2786648d48f6f
+([NETFILTER]: bridge netfilter: deal with martians correctly)
+added a refcount leak on in_dev.
+
+Instead of using in_dev_get(), we can use __in_dev_get_rcu(),
+as netfilter hooks are running under rcu_read_lock(), as pointed
+by Patrick.
+
+Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ net/bridge/br_netfilter.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/bridge/br_netfilter.c
++++ b/net/bridge/br_netfilter.c
+@@ -358,7 +358,7 @@ static int br_nf_pre_routing_finish(stru
+                               },
+                               .proto = 0,
+                       };
+-                      struct in_device *in_dev = in_dev_get(dev);
++                      struct in_device *in_dev = __in_dev_get_rcu(dev);
+ 
+                       /* If err equals -EHOSTUNREACH the error is due to a
+                        * martian destination or due to the fact that
diff --git a/queue-2.6.27/series b/queue-2.6.27/series

index 4e183873859ae03cef6c5a61fd2f9c183b388757..a62f2ebf582ce3eafca1368839ca3ee65a34ff98 100644 (file)
--- a/queue-2.6.27/series
+++ b/queue-2.6.27/series
@@ -5,3 +5,4 @@ pcnet_cs-fix-misuse-of-the-equality-operator.patch
  fix-incorrect-stable-backport-to-bas_gigaset.patch
  net-ax25-fix-signed-comparison-in-the-sockopt-handler.patch
  net-make-the-copy-length-in-af_packet-sockopt-handler-unsigned.patch
+netfilter-bridge-refcount-fix.patch
author	Greg Kroah-Hartman <gregkh@suse.de>
	Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)
committer	Greg Kroah-Hartman <gregkh@suse.de>
	Thu, 1 Oct 2009 20:42:45 +0000 (13:42 -0700)
queue-2.6.27/netfilter-bridge-refcount-fix.patch	[new file with mode: 0644]	patch \| blob
queue-2.6.27/series		patch \| blob \| blame \| history