linux/include/net/netfilter
Pablo Neira Ayuso 1e47ee8367 netfilter: nf_conntrack: fix BUG_ON while removing nf_conntrack with netns
canqun zhang reported that we're hitting BUG_ON in the
nf_conntrack_destroy path when calling kfree_skb while
rmmod'ing the nf_conntrack module.

Currently, the nf_ct_destroy hook is being set to NULL in the
destroy path of conntrack.init_net. However, this is a problem
since init_net may be destroyed before any other existing netns
(we cannot assume any specific ordering while releasing existing
netns according to what I read in recent emails).

Thanks to Gao feng for initial patch to address this issue.

Reported-by: canqun zhang <canqunzhang@gmail.com>
Acked-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-01-12 14:12:36 +01:00
..
ipv4 netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
ipv6 netfilter: fix compilation when conntrack is disabled but tproxy is enabled 2011-01-12 20:25:08 +01:00
nf_conntrack_acct.h netfilter: nf_conntrack: use atomic64 for accounting counters 2011-12-18 01:19:19 +01:00
nf_conntrack_core.h netfilter: nf_conntrack: fix BUG_ON while removing nf_conntrack with netns 2013-01-12 14:12:36 +01:00
nf_conntrack_ecache.h netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
nf_conntrack_expect.h netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_conntrack_extend.h netfilter: nf_ct_ext: support variable length extensions 2012-06-16 15:08:49 +02:00
nf_conntrack_helper.h netfilter: add user-space connection tracking helper infrastructure 2012-06-16 15:40:02 +02:00
nf_conntrack_l3proto.h netfilter: nf_conntrack: remove now unused sysctl for nf_conntrack_l[3|4]proto 2012-06-07 14:58:41 +02:00
nf_conntrack_l4proto.h netfilter: nf_conntrack: generalize nf_ct_l4proto_net 2012-07-04 19:37:22 +02:00
nf_conntrack_timeout.h netfilter: nf_conntrack: add nf_ct_timeout_lookup 2012-09-03 13:33:03 +02:00
nf_conntrack_timestamp.h netfilter: nf_conntrack: fix linker error with NF_CONNTRACK_TIMESTAMP=n 2011-01-20 20:46:52 +01:00
nf_conntrack_tuple.h netfilter: nf_nat: export NAT definitions to userspace 2011-12-23 14:36:43 +01:00
nf_conntrack_zones.h netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n 2010-02-18 19:04:44 +01:00
nf_conntrack.h netfilter: nf_conntrack: improve nf_conn object traceability 2012-12-03 15:06:33 +01:00
nf_log.h treewide: use __printf not __attribute__((format(printf,...))) 2011-10-31 17:30:54 -07:00
nf_nat_core.h netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_helper.h netfilter: nf_nat: add protoff argument to packet mangling functions 2012-08-30 03:00:13 +02:00
nf_nat_l3proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat_l4proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat.h netfilter: nf_nat: Handle routing changes in MASQUERADE target 2012-12-03 15:14:20 +01:00
nf_queue.h netfilter: kill support for per-af queue backends 2012-12-03 15:07:48 +01:00
nf_tproxy_core.h net: use IS_ENABLED(CONFIG_IPV6) 2011-12-11 18:25:16 -05:00
nfnetlink_log.h nfnetlink_log: do not expose NFULNL_COPY_DISABLED to user-space 2010-07-15 11:27:41 +02:00
nfnetlink_queue.h netfilter: fix missing symbols if CONFIG_NETFILTER_NETLINK_QUEUE_CT unset 2012-06-18 21:09:17 -07:00
xt_log.h netfilter: xt_LOG: don't use xchg() for simple assignment 2012-03-26 14:00:28 +02:00
xt_rateest.h Merge branch 'master' of /repos/git/net-next-2.6 2010-06-15 17:31:06 +02:00