Linus, please apply v2.3.99-pre6.
When a packet is queued for userspace with a reference to an existing
ip_conntrack, and someone tries to remove the module, we have to wait
for the skb to be be cleaned.
We don't want to use module counts here to prevent removal of the
module, as that would put control of module removal in the hands of
the network traffic, not the box administrator.
Rusty.
diff -urN --minimal --exclude *.lds --exclude *.ps --exclude *.pdf --exclude
*.sgml --exclude *.tex --exclude *.aux --exclude *.log --exclude classlist.h
--exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude
version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config
--exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude
consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude
modversions.h --exclude install-kernel
linux-2.3.99-pre-6-2-rusty/net/ipv4/netfilter/ip_conntrack_core.c
working/net/ipv4/netfilter/ip_conntrack_core.c
--- linux-2.3.99-pre-6-2-rusty/net/ipv4/netfilter/ip_conntrack_core.c Fri Apr
14 17:41:01 2000
+++ working/net/ipv4/netfilter/ip_conntrack_core.c Sun Apr 23 22:59:02 2000
@@ -836,7 +950,14 @@
#ifdef CONFIG_SYSCTL
unregister_sysctl_table(ip_conntrack_sysctl_header);
#endif
+
+ i_see_dead_people:
ip_ct_selective_cleanup(kill_all, NULL);
+ if (atomic_read(&ip_conntrack_count) != 0) {
+ schedule();
+ goto i_see_dead_people;
+ }
+
kmem_cache_destroy(ip_conntrack_cachep);
vfree(ip_conntrack_hash);
nf_unregister_sockopt(&so_getorigdst);
--
Hacking time.
|