Commit 665e205c authored by Vitaly E. Lavrov's avatar Vitaly E. Lavrov Committed by Pablo Neira Ayuso

netfilter: xt_recent: fix namespace destroy path

recent_net_exit() is called before recent_mt_destroy() in the
destroy path of network namespaces. Make sure there are no entries
in the parent proc entry xt_recent before removing it.
Signed-off-by: Vitaly E. Lavrov <lve@guap.ru>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
parent 09181842
...@@ -431,6 +431,7 @@ static void recent_mt_destroy(const struct xt_mtdtor_param *par) ...@@ -431,6 +431,7 @@ static void recent_mt_destroy(const struct xt_mtdtor_param *par)
list_del(&t->list); list_del(&t->list);
spin_unlock_bh(&recent_lock); spin_unlock_bh(&recent_lock);
#ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS
if (recent_net->xt_recent != NULL)
remove_proc_entry(t->name, recent_net->xt_recent); remove_proc_entry(t->name, recent_net->xt_recent);
#endif #endif
recent_table_flush(t); recent_table_flush(t);
...@@ -615,6 +616,20 @@ static int __net_init recent_proc_net_init(struct net *net) ...@@ -615,6 +616,20 @@ static int __net_init recent_proc_net_init(struct net *net)
static void __net_exit recent_proc_net_exit(struct net *net) static void __net_exit recent_proc_net_exit(struct net *net)
{ {
struct recent_net *recent_net = recent_pernet(net);
struct recent_table *t;
/* recent_net_exit() is called before recent_mt_destroy(). Make sure
* that the parent xt_recent proc entry is is empty before trying to
* remove it.
*/
spin_lock_bh(&recent_lock);
list_for_each_entry(t, &recent_net->tables, list)
remove_proc_entry(t->name, recent_net->xt_recent);
recent_net->xt_recent = NULL;
spin_unlock_bh(&recent_lock);
proc_net_remove(net, "xt_recent"); proc_net_remove(net, "xt_recent");
} }
#else #else
...@@ -638,9 +653,6 @@ static int __net_init recent_net_init(struct net *net) ...@@ -638,9 +653,6 @@ static int __net_init recent_net_init(struct net *net)
static void __net_exit recent_net_exit(struct net *net) static void __net_exit recent_net_exit(struct net *net)
{ {
struct recent_net *recent_net = recent_pernet(net);
BUG_ON(!list_empty(&recent_net->tables));
recent_proc_net_exit(net); recent_proc_net_exit(net);
} }
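Review bot: In recent_proc_net_exit() the new loop calls `remove_proc_entry(t->name, recent_net->xt_recent)` while recent_lock is held with bottom halves disabled. As far as I know remove_proc_entry() can block while it waits for users of an entry that is still in use, so this looks like a possible sleep in atomic context during namespace teardown. The guard added in recent_mt_destroy(), `if (recent_net->xt_recent != NULL)`, sits after `spin_unlock_bh(&recent_lock)`, so the test and the remove_proc_entry() call that follows are not covered by the lock under which the exit path clears the pointer. If the two paths can overlap, the destroy path may still pass a parent that is being removed. Serializing both proc removals on a sleepable lock instead of recent_lock would cover both points, and the new comment should read `* that the parent xt_recent proc entry is empty before trying to`; the body of recent_mt_destroy() starts and ends outside the hunk, so any lock it already holds is not visible here.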