Commit 42df4fb9 authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: cttimeout: decouple unlink and free on netns destruction 



Increment the extid on module removal; this makes sure that even
in extreme cases any old uncofirmed entry that happened to be kept
e.g. on nfnetlink_queue list will not trip over a stale timeout
reference.

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent c56716c6

net/netfilter/nfnetlink_cttimeout.c

+12 −0
Original line number Diff line number Diff line
@@ -656,12 +656,24 @@ static int __init cttimeout_init(void) 
	return ret;

}



static int untimeout(struct nf_conn *ct, void *timeout)

{

	struct nf_conn_timeout *timeout_ext = nf_ct_timeout_find(ct);



	if (timeout_ext)

		RCU_INIT_POINTER(timeout_ext->timeout, NULL);



	return 0;

}



static void __exit cttimeout_exit(void)

{

	nfnetlink_subsys_unregister(&cttimeout_subsys);



	unregister_pernet_subsys(&cttimeout_ops);

	RCU_INIT_POINTER(nf_ct_timeout_hook, NULL);



	nf_ct_iterate_destroy(untimeout, NULL);

	synchronize_rcu();

}