]>
Commit | Line | Data |
---|---|---|
37554d48 SL |
1 | From df161e3286162b58d33a3614bc2a17f2165c62e2 Mon Sep 17 00:00:00 2001 |
2 | From: Taehee Yoo <ap420073@gmail.com> | |
3 | Date: Tue, 30 Apr 2019 01:55:29 +0900 | |
4 | Subject: netfilter: nf_flow_table: fix netdev refcnt leak | |
5 | ||
6 | [ Upstream commit 26a302afbe328ecb7507cae2035d938e6635131b ] | |
7 | ||
8 | flow_offload_alloc() calls nf_route() to get a dst_entry. Internally, | |
9 | nf_route() calls ip_route_output_key() that allocates a dst_entry and | |
10 | holds it. So, a dst_entry should be released by dst_release() if | |
11 | nf_route() is successful. | |
12 | ||
13 | Otherwise, netns exit routine cannot be finished and the following | |
14 | message is printed: | |
15 | ||
16 | [ 257.490952] unregister_netdevice: waiting for lo to become free. Usage count = 1 | |
17 | ||
18 | Fixes: ac2a66665e23 ("netfilter: add generic flow table infrastructure") | |
19 | Signed-off-by: Taehee Yoo <ap420073@gmail.com> | |
20 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |
21 | Signed-off-by: Sasha Levin <sashal@kernel.org> | |
22 | --- | |
23 | net/netfilter/nft_flow_offload.c | 1 + | |
24 | 1 file changed, 1 insertion(+) | |
25 | ||
26 | diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c | |
27 | index 436cc14cfc59..7f85af4c40ff 100644 | |
28 | --- a/net/netfilter/nft_flow_offload.c | |
29 | +++ b/net/netfilter/nft_flow_offload.c | |
30 | @@ -113,6 +113,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, | |
31 | if (ret < 0) | |
32 | goto err_flow_add; | |
33 | ||
34 | + dst_release(route.tuple[!dir].dst); | |
35 | return; | |
36 | ||
37 | err_flow_add: | |
38 | -- | |
39 | 2.20.1 | |
40 |