Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > The existing setters all copy their argument, but the current connlabel
> > setter only assigns the pointer, i.e., 'ownership' of the bitmask object
> > is then tied to conntrack object. This may not be whats expected.
> >
> > Should I make this change:
> >
> > set_attr_connlabels(struct nf_conntrack *ct, const void *value, size_t len)
> > {
> > - ct->connlabels = (void *) value;
> > + ct->connlabels = nfct_bitmask_clone(value);
> > }
> >
> > to avoid this or not?
>
> To attach expectations to master conntracks, we pass the object via
> the setter without cloning it.
Oh? Sorry, I failed to spot that. But perfect, so there is no need
to make this change.
> So my suggestion is to document how it works and leave it as is. BTW,
> make sure that object is released in the nfct_destroy path if you do
> so.
pushed to -next.
Thanks for your suggestions, i've added a doc-comment to
nfct_bitmask_destroy() about this.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
