Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > The existing setters all copy their argument, but the current connlabel > > setter only assigns the pointer, i.e., 'ownership' of the bitmask object > > is then tied to conntrack object. This may not be whats expected. > > > > Should I make this change: > > > > set_attr_connlabels(struct nf_conntrack *ct, const void *value, size_t len) > > { > > - ct->connlabels = (void *) value; > > + ct->connlabels = nfct_bitmask_clone(value); > > } > > > > to avoid this or not? > > To attach expectations to master conntracks, we pass the object via > the setter without cloning it. Oh? Sorry, I failed to spot that. But perfect, so there is no need to make this change. > So my suggestion is to document how it works and leave it as is. BTW, > make sure that object is released in the nfct_destroy path if you do > so. pushed to -next. Thanks for your suggestions, i've added a doc-comment to nfct_bitmask_destroy() about this. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html