authorDavid S. Miller <davem@davemloft.net>2018-06-28 13:32:44 +0900
committerDavid S. Miller <davem@davemloft.net>2018-06-28 13:32:44 +0900
commit09014418391cab8b11427d19d8c968b594f56925 (patch)
tree67987b4c5dd5bd4e84fb4ced62a84cf1e3eea37a /include/net
parent2d2595719a97c876f35b1e60e5768e58753b268c (diff)
parentb36e4523d4d56e2595e28f16f6ccf1cd6a9fc452 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for your net tree: 1) Missing netlink attribute validation in nf_queue, uncovered by KASAN, from Eric Dumazet. 2) Use pointer to sysctl table, save us 192 bytes of memory per netns. Also from Eric. 3) Possible use-after-free when removing conntrack helper modules due to missing synchronize RCU call. From Taehee Yoo. 4) Fix corner case in systcl writes to nf_log that lead to appending data to uninitialized buffer, from Jann Horn. 5) Jann Horn says we may indefinitely block other users of nf_log_mutex if a userspace access in proc_dostring() blocked e.g. due to a userfaultfd. 6) Fix garbage collection race for unconfirmed conntrack entries, from Florian Westphal. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2 files changed, 1 insertions, 1 deletions
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 47e35cce3b64..a71264d75d7f 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -128,6 +128,7 @@ struct net {
struct netns_nf_frag nf_frag;
+ struct ctl_table_header *nf_frag_frags_hdr;
struct sock *nfnl;
struct sock *nfnl_stash;
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index c978a31b0f84..762ac9931b62 100644
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -109,7 +109,6 @@ struct netns_ipv6 {
struct netns_nf_frag {
- struct netns_sysctl_ipv6 sysctl;
struct netns_frags frags;