OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv4
History
Patrick McHardy d696c7bdaa netfilter: nf_conntrack: fix hash resizing with namespaces 
As noticed by Jon Masters <jonathan@jonmasters.org>, the conntrack hash
size is global and not per namespace, but modifiable at runtime through
/sys/module/nf_conntrack/hashsize. Changing the hash size will only
resize the hash in the current namespace however, so other namespaces
will use an invalid hash size. This can cause crashes when enlarging
the hashsize, or false negative lookups when shrinking it.

Move the hash size into the per-namespace data and only use the global
hash size to initialize the per-namespace value when instanciating a
new namespace. Additionally restrict hash resizing to init_net for
now as other namespaces are not handled currently.

Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2010-02-08 11:18:07 -08:00
..
netfilter netfilter: nf_conntrack: fix hash resizing with namespaces 2010-02-08 11:18:07 -08:00
Kconfig nfs: new subdir Documentation/filesystems/nfs 2009-10-27 19:34:04 -04:00
Makefile IPVS: Move IPVS to net/netfilter/ipvs 2008-10-07 08:38:24 +11:00
af_inet.c net: check kern before calling security subsystem 2009-11-05 22:18:18 -08:00
ah4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
arp.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
cipso_ipv4.c ipv4: Define cipso_v4_delopt static 2009-10-07 14:45:58 -07:00
datagram.c inet: rename some inet_sock fields 2009-10-18 18:52:53 -07:00
devinet.c net: restore ip source validation 2009-12-25 17:30:22 -08:00
esp4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
fib_frontend.c net: restore ip source validation 2009-12-25 17:30:22 -08:00
fib_hash.c ipv4: fib table algorithm performance improvement 2009-10-05 00:21:56 -07:00
fib_lookup.h ipv4: cleanup - remove two unused parameters from fib_semantic_match(). 2009-05-18 15:16:37 -07:00
fib_rules.c net: Allow fib_rule_unregister to batch 2009-12-03 12:22:55 -08:00
fib_semantics.c net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
fib_trie.c ipv4: fib table algorithm performance improvement 2009-10-05 00:21:56 -07:00
icmp.c icmp: icmp_send() can avoid a dev_put() 2009-11-01 23:55:10 -08:00
igmp.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
inet_connection_sock.c TCPCT part 1a: add request_values parameter for sending SYNACK 2009-12-02 22:07:23 -08:00
inet_diag.c netlink: With opcode INET_DIAG_BC_S_LE dport was compared in inet_diag_bc_run() 2010-01-19 14:12:20 -08:00
inet_fragment.c inet fragments: fix sparse warning: context imbalance 2009-02-26 23:13:35 -08:00
inet_hashtables.c tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_lro.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
inet_timewait_sock.c [PATCH] tcp: documents timewait refcnt tricks 2009-12-08 20:19:53 -08:00
inetpeer.c inetpeer: Optimize inet_getid() 2009-11-13 20:46:58 -08:00
ip_forward.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
ip_fragment.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
ip_gre.c net: Simplify ip_gre pernet operations. 2009-12-01 16:15:57 -08:00
ip_input.c net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ip_options.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
ip_output.c ip: fix mc_loop checks for tunnels with multicast outer addresses 2010-01-06 20:37:01 -08:00
ip_sockglue.c net: Cleanup redundant tests on unsigned 2009-10-29 01:39:54 -07:00
ipcomp.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
ipconfig.c Merge branch 'for-2.6.33' of git://linux-nfs.org/~bfields/linux 2009-12-16 10:43:34 -08:00
ipip.c net: Simplify ipip pernet operations. 2009-12-01 16:15:58 -08:00
ipmr.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-11-17 00:05:02 -08:00
netfilter.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
proc.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
protocol.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
raw.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-10-29 21:28:59 -07:00
route.c ipv4: don't remove /proc/net/rt_acct 2010-01-17 19:24:49 -08:00
syncookies.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
sysctl_net_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
tcp.c tcp: Remove runtime check that can never be true. 2009-12-08 20:07:54 -08:00
tcp_bic.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_cong.c Networking: use CAP_NET_ADMIN when deciding to call request_module 2009-08-14 11:18:34 +10:00
tcp_cubic.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_diag.c tcp: diag: Dont report negative values for rx queue 2009-12-03 16:06:13 -08:00
tcp_highspeed.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_htcp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_hybla.c tcp: Fix tcp_hybla zero congestion window growth with small rho and large cwnd. 2008-10-07 15:58:17 -07:00
tcp_illinois.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_input.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_ipv4.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_lp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_minisocks.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_output.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_probe.c tcp_probe: avoid modulus operation and wrap fix 2010-01-25 15:47:50 -08:00
tcp_scalable.c tcp: add helper for AI algorithm 2009-03-02 03:00:15 -08:00
tcp_timer.c tcp: Stalling connections: Move timeout calculation routine 2009-12-08 20:56:11 -08:00
tcp_vegas.c tcp: tcp_vegas ssthresh bugfix 2009-05-25 22:44:59 -07:00
tcp_vegas.h [TCP]: congestion control API pass RTT in microseconds 2007-07-31 02:27:57 -07:00
tcp_veno.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_westwood.c [TCP]: congestion control API pass RTT in microseconds 2007-07-31 02:27:57 -07:00
tcp_yeah.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tunnel4.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
udp.c udp: udp_lib_get_port() fix 2009-12-13 19:32:39 -08:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udplite.c net: drop capability from protocol definitions 2009-11-05 21:40:17 -08:00
xfrm4_input.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_mode_beet.c ipsec: Interfamily IPSec BEET 2008-08-06 02:39:30 -07:00
xfrm4_mode_transport.c [IPSEC]: Use IPv6 calling convention as the convention for x->mode->output 2007-10-10 16:55:54 -07:00
xfrm4_mode_tunnel.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_output.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xfrm4_policy.c netns xfrm: deal with dst entries in netns 2010-01-24 22:47:53 -08:00
xfrm4_state.c xfrm: remove useless forward declarations 2008-11-25 01:05:54 -08:00
xfrm4_tunnel.c [IPCOMP]: Fix reception of incompressible packets 2008-01-31 19:27:24 -08:00