git.baikalelectronics.ru Git - kernel.git/commit

author	Balazs Scheidler <bazsi@balabit.hu>
	Thu, 21 Oct 2010 11:06:43 +0000 (13:06 +0200)
committer	Patrick McHardy <kaber@trash.net>
	Thu, 21 Oct 2010 11:06:43 +0000 (13:06 +0200)
commit	5da941f111d4db64f35ce6e8c7dd3ee7a88d6deb
tree	36e9eed23573068819bf67a91caac6ebf60d0d7c	tree \| snapshot
parent	9215875673b2c113e2e62c713cdf8b250b19acee	commit \| diff

tproxy: fix hash locking issue when using port redirection in __inet_inherit_port()

When __inet_inherit_port() is called on a tproxy connection the wrong locks are
held for the inet_bind_bucket it is added to. __inet_inherit_port() made an
implicit assumption that the listener's port number (and thus its bind bucket).
Unfortunately, if you're using the TPROXY target to redirect skbs to a
transparent proxy that assumption is not true anymore and things break.

This patch adds code to __inet_inherit_port() so that it can handle this case
by looking up or creating a new bind bucket for the child socket and updates
callers of __inet_inherit_port() to gracefully handle __inet_inherit_port()
failing.

Reported by and original patch from Stephen Buck <stephen.buck@exinda.com>.
See http://marc.info/?t=128169268200001&r=1&w=2 for the original discussion.

Signed-off-by: KOVACS Krisztian <hidden@balabit.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>

include/net/inet_hashtables.h		diff \| blob \| history
net/dccp/ipv4.c		diff \| blob \| history
net/dccp/ipv6.c		diff \| blob \| history
net/ipv4/inet_hashtables.c		diff \| blob \| history
net/ipv4/tcp_ipv4.c		diff \| blob \| history
net/ipv6/tcp_ipv6.c		diff \| blob \| history