1
linux/include/net
Patrick McHardy d696c7bdaa netfilter: nf_conntrack: fix hash resizing with namespaces
As noticed by Jon Masters <jonathan@jonmasters.org>, the conntrack hash
size is global and not per namespace, but modifiable at runtime through
/sys/module/nf_conntrack/hashsize. Changing the hash size will only
resize the hash in the current namespace however, so other namespaces
will use an invalid hash size. This can cause crashes when enlarging
the hashsize, or false negative lookups when shrinking it.

Move the hash size into the per-namespace data and only use the global
hash size to initialize the per-namespace value when instanciating a
new namespace. Additionally restrict hash resizing to init_net for
now as other namespaces are not handled currently.

Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-08 11:18:07 -08:00
..
9p 9p: fix readdir corner cases 2009-11-02 08:43:45 -06:00
bluetooth Bluetooth: Implement RejActioned flag 2009-12-03 19:34:24 +01:00
irda
iucv
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-12-16 10:33:18 -08:00
netns netfilter: nf_conntrack: fix hash resizing with namespaces 2010-02-08 11:18:07 -08:00
phonet Phonet: convert devices list to RCU 2009-11-18 10:08:26 -08:00
sctp Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-12-09 19:43:33 -08:00
tc_act pkt_sched: skbedit add support for setting mark 2009-10-22 21:56:42 -07:00
tipc
act_api.h
addrconf.h
af_ieee802154.h
af_rxrpc.h
af_unix.h
ah.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
arp.h
atmclip.h
ax25.h
ax88796.h
cfg80211.h nl80211: PMKSA caching support 2009-11-28 15:05:05 -05:00
checksum.h
cipso_ipv4.h
compat.h net: fix compat_sys_recvmmsg parameter type 2009-12-11 15:07:56 -08:00
datalink.h
dcbnl.h
dn_dev.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
dn_fib.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
dn_neigh.h
dn_nsp.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
dn_route.h
dn.h
dsa.h
dsfield.h
dst_ops.h
dst.h tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
esp.h
ethoc.h
fib_rules.h net: Allow fib_rule_unregister to batch 2009-12-03 12:22:55 -08:00
flow.h
garp.h
gen_stats.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
genetlink.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
icmp.h
ieee80211_radiotap.h mac80211: fix radiotap header generation 2009-10-30 16:49:20 -04:00
ieee802154_netdev.h ieee802154: add an mlme_ops call to retrieve PHY object 2009-11-06 14:32:18 +03:00
ieee802154.h
if_inet6.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
inet6_connection_sock.h
inet6_hashtables.h tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_common.h
inet_connection_sock.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
inet_ecn.h
inet_frag.h
inet_hashtables.h tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_sock.h inet: rename some inet_sock fields 2009-10-18 18:52:53 -07:00
inet_timewait_sock.h tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inetpeer.h inetpeer: Optimize inet_getid() 2009-11-13 20:46:58 -08:00
ip6_checksum.h
ip6_fib.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
ip6_route.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
ip6_tunnel.h
ip_fib.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-11-06 00:55:55 -08:00
ip_vs.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
ip.h net: fix build erros with CONFIG_BUG=n, CONFIG_GENERIC_BUG=n 2010-01-13 18:10:36 -08:00
ipcomp.h
ipconfig.h
ipip.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
ipv6.h netfilter: fix crashes in bridge netfilter caused by fragment jumps 2009-12-15 16:59:59 +01:00
ipx.h
iw_handler.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
lapb.h
lib80211.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h wireless: remove remaining qual code 2009-12-28 16:19:45 -05:00
mip6.h
ndisc.h sysctl: remove "struct file *" argument of ->proc_handler 2009-09-24 07:21:04 -07:00
neighbour.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2009-12-14 09:58:24 -08:00
net_namespace.h net: Add support for batching network namespace cleanups 2009-12-03 12:22:01 -08:00
netdma.h
netevent.h
netlabel.h
netlink.h
netrom.h ax25: netrom: rose: Fix timer oopses 2010-01-16 01:04:04 -08:00
nexthop.h
nl802154.h
p8022.h
pkt_cls.h net: rename skb->iif to skb->skb_iif 2009-11-20 15:35:04 -08:00
pkt_sched.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
protocol.h net: drop capability from protocol definitions 2009-11-05 21:40:17 -08:00
psnap.h
raw.h
rawv6.h
red.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
regulatory.h
request_sock.h TCPCT part 1a: add request_values parameter for sending SYNACK 2009-12-02 22:07:23 -08:00
rose.h
route.h net: NETDEV_UNREGISTER_PERNET -> NETDEV_UNREGISTER_BATCH 2009-12-01 16:15:50 -08:00
rtnetlink.h net: Support specifying the network namespace upon device creation. 2009-11-08 00:53:51 -08:00
sch_generic.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
scm.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
slhc_vj.h
snmp.h this_cpu: Use this_cpu operations for SNMP statistics 2009-10-03 19:48:22 +09:00
sock.h udp: secondary hash on (local port, local address) 2009-11-08 20:53:06 -08:00
stp.h
tcp_states.h
tcp.h tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
timewait_sock.h
transp_v6.h
udp.h udp: bind() optimisation 2009-11-10 20:54:38 -08:00
udplite.h
wext.h wext: refactor 2009-10-07 16:39:43 -04:00
wimax.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-12-09 19:43:33 -08:00
wpan-phy.h ieee802154: add support for creation/removal of logic interfaces 2009-11-06 14:32:24 +03:00
x25.h X25: Move SYSCTL ifdefs into header 2009-11-29 00:24:59 -08:00
x25device.h
xfrm.h netns xfrm: fix "ip xfrm state|policy count" misreport 2010-01-23 23:10:42 -08:00