rpms/kernel/F-12 fix-conntrack-bug-with-namespaces.patch, NONE, 1.1 kernel.spec, 1.2000, 1.2001

[Kyle McMartin]

Author: kyle

Update of /cvs/pkgs/rpms/kernel/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2783

Modified Files:
	kernel.spec 
Added Files:
	fix-conntrack-bug-with-namespaces.patch 
Log Message:
* Wed Feb 03 2010 Kyle McMartin <kyle at redhat.com>
- fix-conntrack-bug-with-namespaces.patch: Fix for issue identified by jcm,
  http://lkml.org/lkml/2010/2/3/112


fix-conntrack-bug-with-namespaces.patch:
 nf_conntrack_core.c |   24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

--- NEW FILE fix-conntrack-bug-with-namespaces.patch ---
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 0e98c32..37e2b88 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1113,6 +1113,10 @@ static void nf_ct_release_dying_list(struct net *net)
 
 static void nf_conntrack_cleanup_init_net(void)
 {
+	/* wait until all references to nf_conntrack_untracked are dropped */
+	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
+		schedule();
+
 	nf_conntrack_helper_fini();
 	nf_conntrack_proto_fini();
 	kmem_cache_destroy(nf_conntrack_cachep);
@@ -1127,9 +1131,6 @@ static void nf_conntrack_cleanup_net(struct net *net)
 		schedule();
 		goto i_see_dead_people;
 	}
-	/* wait until all references to nf_conntrack_untracked are dropped */
-	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
-		schedule();
 
 	nf_ct_free_hashtable(net->ct.hash, net->ct.hash_vmalloc,
 			     nf_conntrack_htable_size);
@@ -1288,6 +1289,14 @@ static int nf_conntrack_init_init_net(void)
 	if (ret < 0)
 		goto err_helper;
 
+	/* Set up fake conntrack: to never be deleted, not in any hashes */
+#ifdef CONFIG_NET_NS
+	nf_conntrack_untracked.ct_net = &init_net;
+#endif
+	atomic_set(&nf_conntrack_untracked.ct_general.use, 1);
+	/*  - and look it like as a confirmed connection */
+	set_bit(IPS_CONFIRMED_BIT, &nf_conntrack_untracked.status);
+
 	return 0;
 
 err_helper:
@@ -1333,15 +1342,6 @@ static int nf_conntrack_init_net(struct net *net)
 	if (ret < 0)
 		goto err_ecache;
 
-	/* Set up fake conntrack:
-	    - to never be deleted, not in any hashes */
-#ifdef CONFIG_NET_NS
-	nf_conntrack_untracked.ct_net = &init_net;
-#endif
-	atomic_set(&nf_conntrack_untracked.ct_general.use, 1);
-	/*  - and look it like as a confirmed connection */
-	set_bit(IPS_CONFIRMED_BIT, &nf_conntrack_untracked.status);
-
 	return 0;
 
 err_ecache:

  

Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-12/kernel.spec,v
retrieving revision 1.2000
retrieving revision 1.2001
diff -u -p -r1.2000 -r1.2001
--- kernel.spec	2 Feb 2010 20:55:45 -0000	1.2000
+++ kernel.spec	3 Feb 2010 19:13:55 -0000	1.2001
@@ -756,6 +756,8 @@ Patch12200: add-appleir-usb-driver.patch
 # fix possible oops in bio-integrity
 Patch12300: block-fix-bugs-in-bio-integrity-mempool-usage.patch
 
+Patch12301: fix-conntrack-bug-with-namespaces.patch
+
 %endif
 
 BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -1387,6 +1389,8 @@ ApplyPatch wmi-check-wmi-get-event-data-
 # fix possible oops in bio-integrity
 ApplyPatch block-fix-bugs-in-bio-integrity-mempool-usage.patch
 
+ApplyPatch fix-conntrack-bug-with-namespaces.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -2042,6 +2046,10 @@ fi
 # and build.
 
 %changelog
+* Wed Feb 03 2010 Kyle McMartin <kyle at redhat.com>
+- fix-conntrack-bug-with-namespaces.patch: Fix for issue identified by jcm,
+  http://lkml.org/lkml/2010/2/3/112
+
 * Tue Feb 02 2010 David Woodhouse <David.Woodhouse at intel.com> 2.6.32.7-40
 - Disable graphics DMAR unit on Cantiga (#538163)