git://git.onelab.eu
/
linux-2.6.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
vserver 1.9.5.x5
[linux-2.6.git]
/
net
/
ipv6
/
netfilter
/
ip6_queue.c
diff --git
a/net/ipv6/netfilter/ip6_queue.c
b/net/ipv6/netfilter/ip6_queue.c
index
75f9ac7
..
6795b41
100644
(file)
--- a/
net/ipv6/netfilter/ip6_queue.c
+++ b/
net/ipv6/netfilter/ip6_queue.c
@@
-60,7
+60,7
@@
typedef int (*ipq_cmpfn)(struct ipq_queue_entry *, unsigned long);
static unsigned char copy_mode = IPQ_COPY_NONE;
static unsigned int queue_maxlen = IPQ_QMAX_DEFAULT;
static unsigned char copy_mode = IPQ_COPY_NONE;
static unsigned int queue_maxlen = IPQ_QMAX_DEFAULT;
-static
rwlock_t queue_lock = RW_LOCK_UNLOCKED
;
+static
DEFINE_RWLOCK(queue_lock)
;
static int peer_pid;
static unsigned int copy_range;
static unsigned int queue_total;
static int peer_pid;
static unsigned int copy_range;
static unsigned int queue_total;
@@
-167,6
+167,7
@@
static inline void
__ipq_reset(void)
{
peer_pid = 0;
__ipq_reset(void)
{
peer_pid = 0;
+ net_disable_timestamp();
__ipq_set_mode(IPQ_COPY_NONE, 0);
__ipq_flush(NF_DROP);
}
__ipq_set_mode(IPQ_COPY_NONE, 0);
__ipq_flush(NF_DROP);
}
@@
-262,7
+263,8
@@
ipq_build_packet_message(struct ipq_queue_entry *entry, int *errp)
}
if (data_len)
}
if (data_len)
- memcpy(pmsg->payload, entry->skb->data, data_len);
+ if (skb_copy_bits(entry->skb, 0, pmsg->payload, data_len))
+ BUG();
nlh->nlmsg_len = skb->tail - old_tail;
return skb;
nlh->nlmsg_len = skb->tail - old_tail;
return skb;
@@
-366,6
+368,8
@@
ipq_mangle_ipv6(ipq_verdict_msg_t *v, struct ipq_queue_entry *e)
}
skb_put(e->skb, diff);
}
}
skb_put(e->skb, diff);
}
+ if (!skb_ip_make_writable(&e->skb, v->data_len))
+ return -ENOMEM;
memcpy(e->skb->data, v->payload, v->data_len);
e->skb->nfcache |= NFC_ALTERED;
memcpy(e->skb->data, v->payload, v->data_len);
e->skb->nfcache |= NFC_ALTERED;
@@
-376,8
+380,8
@@
ipq_mangle_ipv6(ipq_verdict_msg_t *v, struct ipq_queue_entry *e)
*/
if (e->info->hook == NF_IP_LOCAL_OUT) {
struct ipv6hdr *iph = e->skb->nh.ipv6h;
*/
if (e->info->hook == NF_IP_LOCAL_OUT) {
struct ipv6hdr *iph = e->skb->nh.ipv6h;
- if (
ipv6_addr_cmp
(&iph->daddr, &e->rt_info.daddr) ||
-
ipv6_addr_cmp
(&iph->saddr, &e->rt_info.saddr))
+ if (
!ipv6_addr_equal
(&iph->daddr, &e->rt_info.daddr) ||
+
!ipv6_addr_equal
(&iph->saddr, &e->rt_info.saddr))
return ip6_route_me_harder(e->skb);
}
return 0;
return ip6_route_me_harder(e->skb);
}
return 0;
@@
-517,9
+521,10
@@
ipq_rcv_skb(struct sk_buff *skb)
write_unlock_bh(&queue_lock);
RCV_SKB_FAIL(-EBUSY);
}
write_unlock_bh(&queue_lock);
RCV_SKB_FAIL(-EBUSY);
}
- }
- else
+ }
else {
+ net_enable_timestamp();
peer_pid = pid;
peer_pid = pid;
+ }
write_unlock_bh(&queue_lock);
write_unlock_bh(&queue_lock);