netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [PATCH] Prevent crash on ip_conntrack removal

from [Patrick McHardy] [Permanent Link][Original]
To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: [PATCH] Prevent crash on ip_conntrack removal
From: Patrick McHardy <kaber@xxxxxxxxx>
Date: Sat, 21 Aug 2004 17:10:20 +0200
Cc: laforge@xxxxxxxxxxxxx, okir@xxxxxxx, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20040819081428.5243e314.davem@redhat.com>
References: <20040818091352.GB6507@suse.de> <20040819101159.GC3921@sunbeam.de.gnumonks.org> <20040819071846.2d0d6120.davem@redhat.com> <4124BF7E.7090304@trash.net> <20040819081428.5243e314.davem@redhat.com>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5 
David S. Miller wrote:

I have a better idea.

Instead of setting skb->dst to NULL, it should set it to some
NULL destination entry which just frees up the packets.  Then
no special case handling.  skb->dst==NULL packets should never
get into the fragment queue to begin with.

The problem is that conntrack unload can cause packets without a
dst_entry to appear in ip_local_deliver, which is already after
the call to dst_input.

Regards
Patrick


[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [PATCH 2.6]: Mark some xfrm-functions/data static, Patrick McHardy
Next by Date:  [PATCH] remove old version check from mac8390, Olaf Hering
Previous by Thread:  Re: [PATCH] Prevent crash on ip_conntrack removal, David S. Miller
Next by Thread:  Re: [PATCH] Prevent crash on ip_conntrack removal, David S. Miller
Indexes:  [Date] [Thread] [Top] [All Lists]