rpms/kernel/devel fix-conntrack-bug-with-namespaces.patch, NONE, 1.1 kernel.spec, 1.1909, 1.1910

[Kyle McMartin]

Author: kyle

Update of /cvs/pkgs/rpms/kernel/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv827

Modified Files:
	kernel.spec 
Added Files:
	fix-conntrack-bug-with-namespaces.patch 
Log Message:
* Wed Feb 03 2010 Kyle McMartin <kyle at redhat.com>
- fix-conntrack-bug-with-namespaces.patch: Patch for issue identified
  by jcm. (Ref: http://lkml.org/lkml/2010/2/3/112)


fix-conntrack-bug-with-namespaces.patch:
 nf_conntrack_core.c |   24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

--- NEW FILE fix-conntrack-bug-with-namespaces.patch ---
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 0e98c32..37e2b88 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1113,6 +1113,10 @@ static void nf_ct_release_dying_list(struct net *net)
 
 static void nf_conntrack_cleanup_init_net(void)
 {
+	/* wait until all references to nf_conntrack_untracked are dropped */
+	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
+		schedule();
+
 	nf_conntrack_helper_fini();
 	nf_conntrack_proto_fini();
 	kmem_cache_destroy(nf_conntrack_cachep);
@@ -1127,9 +1131,6 @@ static void nf_conntrack_cleanup_net(struct net *net)
 		schedule();
 		goto i_see_dead_people;
 	}
-	/* wait until all references to nf_conntrack_untracked are dropped */
-	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
-		schedule();
 
 	nf_ct_free_hashtable(net->ct.hash, net->ct.hash_vmalloc,
 			     nf_conntrack_htable_size);
@@ -1288,6 +1289,14 @@ static int nf_conntrack_init_init_net(void)
 	if (ret < 0)
 		goto err_helper;
 
+	/* Set up fake conntrack: to never be deleted, not in any hashes */
+#ifdef CONFIG_NET_NS
+	nf_conntrack_untracked.ct_net = &init_net;
+#endif
+	atomic_set(&nf_conntrack_untracked.ct_general.use, 1);
+	/*  - and look it like as a confirmed connection */
+	set_bit(IPS_CONFIRMED_BIT, &nf_conntrack_untracked.status);
+
 	return 0;
 
 err_helper:
@@ -1333,15 +1342,6 @@ static int nf_conntrack_init_net(struct net *net)
 	if (ret < 0)
 		goto err_ecache;
 
-	/* Set up fake conntrack:
-	    - to never be deleted, not in any hashes */
-#ifdef CONFIG_NET_NS
-	nf_conntrack_untracked.ct_net = &init_net;
-#endif
-	atomic_set(&nf_conntrack_untracked.ct_general.use, 1);
-	/*  - and look it like as a confirmed connection */
-	set_bit(IPS_CONFIRMED_BIT, &nf_conntrack_untracked.status);
-
 	return 0;
 
 err_ecache:

  

Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/kernel.spec,v
retrieving revision 1.1909
retrieving revision 1.1910
diff -u -p -r1.1909 -r1.1910
--- kernel.spec	2 Feb 2010 03:45:06 -0000	1.1909
+++ kernel.spec	3 Feb 2010 19:03:16 -0000	1.1910
@@ -715,6 +715,8 @@ Patch12013: linux-2.6-rfkill-all.patch
 
 Patch12015: add-appleir-usb-driver.patch
 
+Patch12016: fix-conntrack-bug-with-namespaces.patch
+
 %endif
 
 BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -1318,6 +1320,8 @@ ApplyPatch linux-2.6-rfkill-all.patch
 
 ApplyPatch add-appleir-usb-driver.patch
 
+ApplyPatch fix-conntrack-bug-with-namespaces.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -1966,6 +1970,10 @@ fi
 # and build.
 
 %changelog
+* Wed Feb 03 2010 Kyle McMartin <kyle at redhat.com>
+- fix-conntrack-bug-with-namespaces.patch: Patch for issue identified
+  by jcm. (Ref: http://lkml.org/lkml/2010/2/3/112)
+
 * Mon Feb 02 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.33-0.26.rc6.git1
 - 2.6.33-rc6-git1