tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

netfilter: ctnetlink: fix reliable event delivery if message building fails

This patch fixes a bug that allows to lose events when reliable
event delivery mode is used, ie. if NETLINK_BROADCAST_SEND_ERROR
and NETLINK_RECV_NO_ENOBUFS socket options are set.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Pablo Neira Ayuso and committed by
David S. Miller 37b7ef72 1a50307b

+6 -4
+1 -1
include/linux/netfilter/nfnetlink.h
··· 76 76 extern int nfnetlink_has_listeners(struct net *net, unsigned int group); 77 77 extern int nfnetlink_send(struct sk_buff *skb, struct net *net, u32 pid, unsigned group, 78 78 int echo, gfp_t flags); 79 - extern void nfnetlink_set_err(struct net *net, u32 pid, u32 group, int error); 79 + extern int nfnetlink_set_err(struct net *net, u32 pid, u32 group, int error); 80 80 extern int nfnetlink_unicast(struct sk_buff *skb, struct net *net, u_int32_t pid, int flags); 81 81 82 82 extern void nfnl_lock(void);
+3 -1
net/netfilter/nf_conntrack_netlink.c
··· 582 582 nlmsg_failure: 583 583 kfree_skb(skb); 584 584 errout: 585 - nfnetlink_set_err(net, 0, group, -ENOBUFS); 585 + if (nfnetlink_set_err(net, 0, group, -ENOBUFS) > 0) 586 + return -ENOBUFS; 587 + 586 588 return 0; 587 589 } 588 590 #endif /* CONFIG_NF_CONNTRACK_EVENTS */
+2 -2
net/netfilter/nfnetlink.c
··· 113 113 } 114 114 EXPORT_SYMBOL_GPL(nfnetlink_send); 115 115 116 - void nfnetlink_set_err(struct net *net, u32 pid, u32 group, int error) 116 + int nfnetlink_set_err(struct net *net, u32 pid, u32 group, int error) 117 117 { 118 - netlink_set_err(net->nfnl, pid, group, error); 118 + return netlink_set_err(net->nfnl, pid, group, error); 119 119 } 120 120 EXPORT_SYMBOL_GPL(nfnetlink_set_err); 121 121