| From stable-bounces@linux.kernel.org Tue Dec 13 03:28:35 2005 |
| Message-ID: <439EAFCF.1040409@trash.net> |
| Date: Tue, 13 Dec 2005 12:26:07 +0100 |
| From: Patrick McHardy <kaber@trash.net> |
| To: stable@kernel.org |
| Cc: Harald Welte <laforge@netfilter.org>, Pablo Neira <pablo@eurodev.net>, |
| Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>, |
| Krzysztof Oledzki <olenf@ans.pl> |
| Subject: [NETFILTER]: Fix unbalanced read_unlock_bh in ctnetlink |
| |
| NFA_NEST calls NFA_PUT which jumps to nfattr_failure if the skb has no |
| room left. We call read_unlock_bh at nfattr_failure for the NFA_PUT |
| inside the locked section, so move NFA_NEST inside the locked section |
| too. |
| |
| Signed-off-by: Patrick McHardy <kaber@trash.net> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Krzysztof Piotr Oledzki <ole@ans.pl> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| --- linux-2.6.14.4.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c |
| +++ linux-2.6.14.4/net/ipv4/netfilter/ip_conntrack_proto_tcp.c |
| @@ -341,9 +341,10 @@ static int tcp_print_conntrack(struct se |
| static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa, |
| const struct ip_conntrack *ct) |
| { |
| - struct nfattr *nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP); |
| + struct nfattr *nest_parms; |
| |
| read_lock_bh(&tcp_lock); |
| + nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP); |
| NFA_PUT(skb, CTA_PROTOINFO_TCP_STATE, sizeof(u_int8_t), |
| &ct->proto.tcp.state); |
| read_unlock_bh(&tcp_lock); |