[NETFILTER]: nfnetlink_queue: fix EPERM when binding/unbinding and in…

…stance 0 exists Similar to the nfnetlink_log problem, nfnetlink_queue incorrectly returns -EPERM when binding or unbinding to an address family and queueing instance 0 exists and is owned by a different process. Unlike nfnetlink_log it previously completes the operation, but it is still incorrect. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
git-mirror · Mar 10, 2008 · 914afea · 914afea
1 parent b7047a1
commit 914afea
Showing 1 changed file with 4 additions and 11 deletions.
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
@@ -703,19 +703,12 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
 		/* Commands without queue context - might sleep */
 		switch (cmd->command) {
 		case NFQNL_CFG_CMD_PF_BIND:
-			ret = nf_register_queue_handler(ntohs(cmd->pf),
-							&nfqh);
-			break;
+			return nf_register_queue_handler(ntohs(cmd->pf),
+							 &nfqh);
 		case NFQNL_CFG_CMD_PF_UNBIND:
-			ret = nf_unregister_queue_handler(ntohs(cmd->pf),
-							  &nfqh);
-			break;
-		default:
-			break;
+			return nf_unregister_queue_handler(ntohs(cmd->pf),
+							   &nfqh);
 		}
-
-		if (ret < 0)
-			return ret;
 	}
 
 	rcu_read_lock();