Eric Dumazet a écrit : > > But even if sysctl_tw_reuse is cleared, we might trigger the bug if > local port is bound to a value. Oh well, that's more subtle than that. __inet_check_established() is called not only with bh disabled, but also with a lock on bind list if twp != NULL. However, if twp is NULL, lock is not held by caller. [ Thats the final ret = check_established(death_row, sk, snum, NULL); in __inet_hash_connect()] So triggering this bug with tw_reuse clear is tricky : You need several threads, using sockets with REUSEADDR set, and bind() to same address/port before connect() to same target. We need another patch to correct this. I wonder if always hold lock before calling check_established() would be cleaner. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
