Forum | Documentation | Website | Blog

Skip to content
Snippets Groups Projects
user avatar
bill bonaparte authored
commit 5195c14c upstream.

After removal of the central spinlock nf_conntrack_lock, in
commit 93bb0ceb ("netfilter: conntrack: remove central
spinlock nf_conntrack_lock"), it is possible to race against
get_next_corpse().

The race is against the get_next_corpse() cleanup on
the "unconfirmed" list (a per-cpu list with seperate locking),
which set the DYING bit.

Fix this race, in __nf_conntrack_confirm(), by removing the CT
from unconfirmed list before checking the DYING bit.  In case
race occured, re-add the CT to the dying list.

While at this, fix coding style of the comment that has been
updated.

Fixes: 93bb0ceb

 ("netfilter: conntrack: remove central spinlock nf_conntrack_lock")
Reported-by: default avatarbill bonaparte <programme110@gmail.com>
Signed-off-by: default avatarbill bonaparte <programme110@gmail.com>
Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
88fd8709
Name Last commit Last update