diff options
| author | David S. Miller <davem@davemloft.net> | 2012-09-15 11:43:53 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-09-15 11:43:53 -0400 |
| commit | b48b63a1f6e26b0dec2c9f1690396ed4bcb66903 (patch) | |
| tree | 8d9ad227c3a7d35cd78d40ecaf9bf59375dbd21a /net/netfilter/nfnetlink_log.c | |
| parent | 7f2e6a5d8608d0353b017a0fe15502307593734e (diff) | |
| parent | 3f0c3c8fe30c725c1264fb6db8cc4b69db3a658a (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
net/netfilter/nfnetlink_log.c
net/netfilter/xt_LOG.c
Rather easy conflict resolution, the 'net' tree had bug fixes to make
sure we checked if a socket is a time-wait one or not and elide the
logging code if so.
Whereas on the 'net-next' side we are calculating the UID and GID from
the creds using different interfaces due to the user namespace changes
from Eric Biederman.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/nfnetlink_log.c')
| -rw-r--r-- | net/netfilter/nfnetlink_log.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 8cb67c4dbd62..10067e3112c5 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c @@ -383,6 +383,7 @@ __build_packet_message(struct nfulnl_instance *inst, struct nlmsghdr *nlh; struct nfgenmsg *nfmsg; sk_buff_data_t old_tail = inst->skb->tail; + struct sock *sk; nlh = nlmsg_put(inst->skb, 0, 0, NFNL_SUBSYS_ULOG << 8 | NFULNL_MSG_PACKET, @@ -501,21 +502,21 @@ __build_packet_message(struct nfulnl_instance *inst, } /* UID */ - if (skb->sk) { - read_lock_bh(&skb->sk->sk_callback_lock); - if (skb->sk->sk_socket && skb->sk->sk_socket->file) { - struct file *file = skb->sk->sk_socket->file; + sk = skb->sk; + if (sk && sk->sk_state != TCP_TIME_WAIT) { + read_lock_bh(&sk->sk_callback_lock); + if (sk->sk_socket && sk->sk_socket->file) { + struct file *file = sk->sk_socket->file; __be32 uid = htonl(from_kuid_munged(inst->peer_user_ns, file->f_cred->fsuid)); __be32 gid = htonl(from_kgid_munged(inst->peer_user_ns, file->f_cred->fsgid)); - /* need to unlock here since NLA_PUT may goto */ - read_unlock_bh(&skb->sk->sk_callback_lock); + read_unlock_bh(&sk->sk_callback_lock); if (nla_put_be32(inst->skb, NFULA_UID, uid) || nla_put_be32(inst->skb, NFULA_GID, gid)) goto nla_put_failure; } else - read_unlock_bh(&skb->sk->sk_callback_lock); + read_unlock_bh(&sk->sk_callback_lock); } /* local sequence number */ |