netfilter: ctnetlink: fix GFP_KERNEL allocation under spinlock

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The previous fix for the conntrack creation race (netfilter: ctnetlink:
fix conntrack creation race) missed a GFP_KERNEL allocation that is
now performed while holding a spinlock. Switch to GFP_ATOMIC.

Reported-and-tested-by: Zoltan Borbely <bozo@andrews.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Patrick McHardy and committed by

David S. Miller 17 years ago 3ec19255 bd511269

+1 -1

1 changed file

expand all

net

netfilter

nf_conntrack_netlink.c

+1 -1

net/netfilter/nf_conntrack_netlink.c

··· 1138 1138 } 1139 1139 } 1140 1140 1141 - nf_ct_acct_ext_add(ct, GFP_KERNEL); 1141 + nf_ct_acct_ext_add(ct, GFP_ATOMIC); 1142 1142 1143 1143 #if defined(CONFIG_NF_CONNTRACK_MARK) 1144 1144 if (cda[CTA_MARK])