On 13/04/11 13:37, Patrick McHardy wrote: > Am 12.04.2011 23:59, schrieb Pablo Neira Ayuso: >> Hi Patrick, >> >> The following patches rework the userspace expectation support >> to fix one problematic scenario: if the master conntrack vanishes >> while there are still userspace expectations, we hit an oops >> in the destroy event path for expectations. > > Just wondering, how can this happen? We take a reference for > userspace expectations just as we do for kernel expectations. > > Ok, I see, we are releasing it again at the end of > ctnetlink_create_expect(), that seems to be the actual problem > if I'm not mistaken. Indeed, we have keep that reference, that would fix the problem. Still, with the curent approach the userspace expectation will be valid after the master conntrack has expired. So we can do the following: Fix this refcount issue in -stable and current, and schedule these patches for nf-next to change the behaviour. What do you think? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
