review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Florian Westphal <fw@strlen.de>
	Thu, 23 Sep 2021 14:44:34 +0000 (16:44 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 28 Sep 2021 11:04:55 +0000 (13:04 +0200)
commit	339031bafe6b281cf2dcb8364217288b9fdab555
tree	4fd8f21da6f482db28701690064ef6c0251dd3a3	tree \| snapshot
parent	3b1b6e82fb5e08e2cb355d7b2ee8644ec289de66	commit \| diff

netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1

This is a revert of
7b1957b049 ("netfilter: nf_defrag_ipv4: use net_generic infra")
and a partial revert of
8b0adbe3e3 ("netfilter: nf_defrag_ipv6: use net_generic infra").

If conntrack is builtin and kernel is booted with:
nf_conntrack.enable_hooks=1

.... kernel will fail to boot due to a NULL deref in
nf_defrag_ipv4_enable(): Its called before the ipv4 defrag initcall is
made, so net_generic() returns NULL.

To resolve this, move the user refcount back to struct net so calls
to those functions are possible even before their initcalls have run.

Fixes: 7b1957b04956 ("netfilter: nf_defrag_ipv4: use net_generic infra")
Fixes: 8b0adbe3e38d ("netfilter: nf_defrag_ipv6: use net_generic infra").
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/ipv6/nf_defrag_ipv6.h		diff \| blob \| history
include/net/netns/netfilter.h		diff \| blob \| history
net/ipv4/netfilter/nf_defrag_ipv4.c		diff \| blob \| history
net/ipv6/netfilter/nf_conntrack_reasm.c		diff \| blob \| history
net/ipv6/netfilter/nf_defrag_ipv6_hooks.c		diff \| blob \| history