On 08/06/2015 12:07 PM, Pablo Neira Ayuso wrote:
On Wed, Aug 05, 2015 at 05:51:45PM +0200, Andreas Schultz wrote:
[..]
+static void __net_exit nfnl_acct_net_exit(struct net *net) +{ + struct nf_acct *cur, *tmp; + + list_for_each_entry_safe(cur, tmp, &net->nfnl_acct_list, head) { + list_del_rcu(&cur->head); + + if (atomic_dec_and_test(&cur->refcnt)) + kfree_rcu(cur, rcu_head); + } +}You better use nfnl_acct_put() here, otherwise we leak a module refcount.
The module refcount is only taken in nfnl_acct_find_get. The initial insert into the list in nfnl_acct_new is not taking the module refcount.
Releasing the module refcount here would IMHO release one recount to many. Or do I miss something?
Other than that, this looks fine with me. Please send a v2. Thanks.
Andreas -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
