Message ID | 20130827234140.GA3301@linuxace.com |
---|---|
State | Awaiting Upstream |
Headers | show |
From: Phil Oester <kernel@linuxace.com> Date: Tue, 27 Aug 2013 16:41:40 -0700 > In commit 90ba9b19 (tcp: tcp_make_synack() can use alloc_skb()), Eric changed > the call to sock_wmalloc in tcp_make_synack to alloc_skb. In doing so, > the netfilter owner match lost its ability to block the SYNACK packet on > outbound listening sockets. Revert the change, restoring the owner match > functionality. > > This closes netfilter bugzilla #847. > > Signed-off-by: Phil Oester <kernel@linuxace.com> Applied and queued up for -stable, thanks. Eric, I guess if you really want to get rid of the wmem atomics you can just attach the socket and make a special destructor. Maybe it is not even worth it at that point however. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 92fde8d..362c5f7 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -2670,7 +2670,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, int tcp_header_size; int mss; - skb = alloc_skb(MAX_TCP_HEADER + 15, sk_gfp_atomic(sk, GFP_ATOMIC)); + skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15, 1, GFP_ATOMIC); if (unlikely(!skb)) { dst_release(dst); return NULL;
In commit 90ba9b19 (tcp: tcp_make_synack() can use alloc_skb()), Eric changed the call to sock_wmalloc in tcp_make_synack to alloc_skb. In doing so, the netfilter owner match lost its ability to block the SYNACK packet on outbound listening sockets. Revert the change, restoring the owner match functionality. This closes netfilter bugzilla #847. Signed-off-by: Phil Oester <kernel@linuxace.com>