Two bugs in nf_conncount are fixed by this patch series. First patch fixes inconsistent lock state in conn_free(). conn_free() is called both BH and process context. so that spin_lock_bh() should be used. Second patch fixes unsafe locking scenario of list element. conn_free() can't protect double delete of list element. So that dead flag is added. Taehee Yoo (2): netfilter: nf_conncount: use spin_lock_bh instead of spin_lock netfilter: nf_conncount: fix list_del corruption in conn_free net/netfilter/nf_conncount.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) -- 2.17.1
