diff --git a/net/netfilter/core.c b/net/netfilter/core.c index e6d3a69b9e9b..6819a4113e1e 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -51,11 +51,6 @@ void nf_unregister_afinfo(struct nf_afinfo *afinfo) } EXPORT_SYMBOL_GPL(nf_unregister_afinfo); -/* In this code, we can be waiting indefinitely for userspace to - * service a packet if a hook returns NF_QUEUE. We could keep a count - * of skbuffs queued for userspace, and not deregister a hook unless - * this is zero, but that sucks. Now, we simply check when the - * packets come back: if the hook is gone, the packet is discarded. */ struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS] __read_mostly; EXPORT_SYMBOL(nf_hooks); static DEFINE_MUTEX(nf_hook_mutex); diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index 81d010a05b98..0bea88c30e51 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c @@ -223,7 +223,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info, unsigned int verdict) { struct list_head *elem = &info->elem->list; - struct list_head *i; struct nf_afinfo *afinfo; rcu_read_lock(); @@ -245,18 +244,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info, /* Drop reference to owner of hook which queued us. */ module_put(info->elem->owner); - list_for_each_rcu(i, &nf_hooks[info->pf][info->hook]) { - if (i == elem) - break; - } - - if (i == &nf_hooks[info->pf][info->hook]) { - /* The module which sent it to userspace is gone. */ - NFDEBUG("%s: module disappeared, dropping packet.\n", - __FUNCTION__); - verdict = NF_DROP; - } - /* Continue traversal iff userspace said ok... */ if (verdict == NF_REPEAT) { elem = elem->prev;