On Wed, Nov 12, 2014 at 08:35:00AM +0100, Jesper Dangaard Brouer wrote: > > > - /* We have to check the DYING flag inside the lock to prevent > > > + > > > + /* We have to check the DYING flag after unlink to prevent > > > a race against nf_ct_get_next_corpse() possibly called from > > > user context, else we insert an already 'dead' hash, blocking > > > further use of that particular connection -JM */ > > > > While at this, I think it would be good to fix comment style to: > > > > /* We have ... > > * ... > > */ > > > > I can fix this here, no need to resend, just let me know. > > Okay, I was just trying to keep the changes as minimal as possible, if > this should go into a stable-kernel. Your choice. I'm going to take this patch including the comment style fix, I would like to avoid specific patches to fix coding style issues, and the first line of this comment is updated. I think the patch will be still small to fulfill -stable rules. I'll send a follow a patch to change the return verdict to NF_DROP to not mix up different things. Thanks! -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
