Message ID | 4A92CEA4.6020604@gmail.com |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
Eric Dumazet wrote: > [PATCH] netfilter: bridge: refcount fix > > commit f216f082b2b37c4943f1e7c393e2786648d48f6f > ([NETFILTER]: bridge netfilter: deal with martians correctly) > added a refcount leak on in_dev. > > Instead of using in_dev_get(), we can use __in_dev_get_rcu(), > as netfilter hooks are running under rcu_read_lock(), as pointed > by Patrick. > > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> > Signed-off-by: Patrick McHardy <kaber@trash.net> I've applied it to nf-next-2.6.git since its not as EARTH SHATTERING as I understood Dave would like it to be for consideration for net-2.6.git :) Thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index 4fde742..907a82e 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -359,7 +359,7 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb) }, .proto = 0, }; - struct in_device *in_dev = in_dev_get(dev); + struct in_device *in_dev = __in_dev_get_rcu(dev); /* If err equals -EHOSTUNREACH the error is due to a * martian destination or due to the fact that