Pablo,
Have you tried this patch (without the ->nfnl NULL check change) with
the perl program I wrote that reliably replicates the original bug?
https://bugs.launchpad.net/ubuntu/+source/linux-lts-backport-natty/+bug/843892
specifically the attachment in comment #6:
https://bugs.launchpad.net/ubuntu/+source/linux-lts-backport-natty/+bug/843892/+attachment/2382526/+files/testns.pl
Alex
--On 15 November 2011 10:56:42 +0100 Pablo Neira Ayuso
<pablo@xxxxxxxxxxxxx> wrote:
On Wed, Nov 09, 2011 at 03:34:23PM +0100, Pablo Neira Ayuso wrote:
On Wed, Nov 09, 2011 at 01:16:35AM +0300, Alexey Dobriyan wrote:
> Sorry for delay.
>
> I recall myself writing that net->nfnl NULL check is racy or
> something like that (but I can't find this email in archives).
>
> I've read the code once again, and I'm quite sure,
> NULL ->nfnl check is correct if RCU precautions are made.
>
> Regarding ->report check, I think it's bogus.
>
> If there are no listeners, there are NO listeners
> and whether to report back to userspace doesn't matter.
>
> I'm sure I'm missing something obvious here.
>
> Please, review.
Alexey. This is a workaround. We have to make ctnl_notifier
container-aware which is the real problem.
I made this patch. It makes the ctnl_notifier container-aware.
I'm trying to set some lxc container to test it (it's not that
straight forward in debian).
btw: if it's fine, i'll add the credits (reported-by and other tags
before final submission, this is still a RFC).
--
Alex Bligh
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
