Skip to content

Commit

Permalink
netfilter: ctnetlink: fix GFP_KERNEL allocation under spinlock
Browse files Browse the repository at this point in the history 
The previous fix for the conntrack creation race (netfilter: ctnetlink:
fix conntrack creation race) missed a GFP_KERNEL allocation that is
now performed while holding a spinlock. Switch to GFP_ATOMIC.

Reported-and-tested-by: Zoltan Borbely <bozo@andrews.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Patrick McHardy authored and David S. Miller committed Nov 26, 2008
1 parent bd51126 commit 3ec1925
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/netfilter/nf_conntrack_netlink.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1138,7 +1138,7 @@ ctnetlink_create_conntrack(struct nlattr *cda[],
}
}

nf_ct_acct_ext_add(ct, GFP_KERNEL);
nf_ct_acct_ext_add(ct, GFP_ATOMIC);

#if defined(CONFIG_NF_CONNTRACK_MARK)
if (cda[CTA_MARK])
Expand Down

0 comments on commit 3ec1925

Please sign in to comment.