2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-12 15:44:01 +08:00
linux-next/include/net/netns
Pablo Neira Ayuso 70e9942f17 netfilter: nf_conntrack: make event callback registration per-netns
This patch fixes an oops that can be triggered following this recipe:

0) make sure nf_conntrack_netlink and nf_conntrack_ipv4 are loaded.
1) container is started.
2) connect to it via lxc-console.
3) generate some traffic with the container to create some conntrack
   entries in its table.
4) stop the container: you hit one oops because the conntrack table
   cleanup tries to report the destroy event to user-space but the
   per-netns nfnetlink socket has already gone (as the nfnetlink
   socket is per-netns but event callback registration is global).

To fix this situation, we make the ctnl_notifier per-netns so the
callback is registered/unregistered if the container is
created/destroyed.

Alex Bligh and Alexey Dobriyan originally proposed one small patch to
check if the nfnetlink socket is gone in nfnetlink_has_listeners,
but this is a very visited path for events, thus, it may reduce
performance and it looks a bit hackish to check for the nfnetlink
socket only to workaround this situation. As a result, I decided
to follow the bigger path choice, which seems to look nicer to me.

Cc: Alexey Dobriyan <adobriyan@gmail.com>
Reported-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2011-11-22 00:34:47 +01:00
..
conntrack.h netfilter: nf_conntrack: make event callback registration per-netns 2011-11-22 00:34:47 +01:00
core.h percpu: add __percpu sparse annotations to net 2010-02-16 23:05:38 -08:00
dccp.h [NETNS][DCCPV6]: Move the dccp_v6_ctl_sk on the struct net. 2008-04-13 22:32:25 -07:00
generic.h netns: let net_generic take pointer-to-const args 2010-11-21 10:05:10 -08:00
hash.h netns: introduce the net_hash_mix "salt" for hashes 2008-06-16 17:14:11 -07:00
ipv4.h net: ipv4: add IPPROTO_ICMP socket kind 2011-05-13 16:08:13 -04:00
ipv6.h ipv6: ip6mr: support multiple tables 2010-05-11 14:40:55 +02:00
mib.h netns xfrm: per-netns MIBs 2008-11-25 17:59:52 -08:00
packet.h packet: convert socket list to RCU (v3) 2010-02-22 15:45:56 -08:00
unix.h [NETNS]: struct net content re-work (v3) 2008-01-28 14:57:14 -08:00
x_tables.h net, netns_xt: shrink netns_xt members 2009-07-05 19:16:18 -07:00
xfrm.h netns: reorder fields in struct net 2010-10-17 13:49:14 -07:00