linux/include
Patrick McHardy ec68e97ded [NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops
Fix {nf,ip}_ct_iterate_cleanup unconfirmed list handling:

- unconfirmed entries can not be killed manually, they are removed on
  confirmation or final destruction of the conntrack entry, which means
  we might iterate forever without making forward progress.

  This can happen in combination with the conntrack event cache, which
  holds a reference to the conntrack entry, which is only released when
  the packet makes it all the way through the stack or a different
  packet is handled.

- taking references to an unconfirmed entry and using it outside the
  locked section doesn't work, the list entries are not refcounted and
  another CPU might already be waiting to destroy the entry

What the code really wants to do is make sure the references of the hash
table to the selected conntrack entries are released, so they will be
destroyed once all references from skbs and the event cache are dropped.

Since unconfirmed entries haven't even entered the hash yet, simply mark
them as dying and skip confirmation based on that.

Reported and tested by Chuck Ebbert <cebbert@redhat.com>

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-05 13:25:18 -08:00
..
acpi
asm-alpha
asm-arm [PATCH] gpio_keys driver shouldn't be ARM-specific 2007-03-05 07:57:51 -08:00
asm-arm26
asm-avr32
asm-cris
asm-frv [PATCH] FRV: Add some missng lazy MMU hooks for NOMMU mode 2007-03-01 14:53:36 -08:00
asm-generic
asm-h8300
asm-i386 [PATCH] disable NMI watchdog by default 2007-03-05 08:23:51 -08:00
asm-ia64 [PATCH] sched: remove SMT nice 2007-03-05 07:57:51 -08:00
asm-m32r
asm-m68k
asm-m68knommu
asm-mips [PATCH] sched: remove SMT nice 2007-03-05 07:57:51 -08:00
asm-parisc
asm-powerpc [PATCH] sched: remove SMT nice 2007-03-05 07:57:51 -08:00
asm-ppc
asm-s390
asm-sh
asm-sh64
asm-sparc [SPARC]: Provide 'get_property()' alias for of_get_property(). 2007-03-02 15:22:53 -08:00
asm-sparc64 [SPARC]: Provide 'get_property()' alias for of_get_property(). 2007-03-02 15:22:53 -08:00
asm-um [PATCH] uml: pte_mkread fix 2007-03-01 14:53:38 -08:00
asm-v850
asm-x86_64 [PATCH] disable NMI watchdog by default 2007-03-05 08:23:51 -08:00
asm-xtensa
crypto
keys
linux [NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops 2007-03-05 13:25:18 -08:00
math-emu
media V4L/DVB (5271): Add VIDIOC_TRY_ENCODER_CMD and VIDIOC_ENCODER_CMD ioctls. 2007-03-01 13:09:46 -02:00
mtd
net [NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops 2007-03-05 13:25:18 -08:00
pcmcia
rdma
rxrpc
scsi
sound
video
Kbuild