linux-stable-rt/net/ipv4
Patrick McHardy d696c7bdaa netfilter: nf_conntrack: fix hash resizing with namespaces
As noticed by Jon Masters <jonathan@jonmasters.org>, the conntrack hash
size is global and not per namespace, but modifiable at runtime through
/sys/module/nf_conntrack/hashsize. Changing the hash size will only
resize the hash in the current namespace however, so other namespaces
will use an invalid hash size. This can cause crashes when enlarging
the hashsize, or false negative lookups when shrinking it.

Move the hash size into the per-namespace data and only use the global
hash size to initialize the per-namespace value when instanciating a
new namespace. Additionally restrict hash resizing to init_net for
now as other namespaces are not handled currently.

Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-02-08 11:18:07 -08:00
..
netfilter netfilter: nf_conntrack: fix hash resizing with namespaces 2010-02-08 11:18:07 -08:00
Kconfig
Makefile
af_inet.c
ah4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
arp.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
cipso_ipv4.c
datagram.c
devinet.c net: restore ip source validation 2009-12-25 17:30:22 -08:00
esp4.c xfrm: Use the user specified truncation length in ESP and AH 2009-11-25 15:48:41 -08:00
fib_frontend.c net: restore ip source validation 2009-12-25 17:30:22 -08:00
fib_hash.c
fib_lookup.h
fib_rules.c net: Allow fib_rule_unregister to batch 2009-12-03 12:22:55 -08:00
fib_semantics.c net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
fib_trie.c
icmp.c
igmp.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
inet_connection_sock.c TCPCT part 1a: add request_values parameter for sending SYNACK 2009-12-02 22:07:23 -08:00
inet_diag.c netlink: With opcode INET_DIAG_BC_S_LE dport was compared in inet_diag_bc_run() 2010-01-19 14:12:20 -08:00
inet_fragment.c
inet_hashtables.c tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_lro.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
inet_timewait_sock.c [PATCH] tcp: documents timewait refcnt tricks 2009-12-08 20:19:53 -08:00
inetpeer.c inetpeer: Optimize inet_getid() 2009-11-13 20:46:58 -08:00
ip_forward.c
ip_fragment.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
ip_gre.c net: Simplify ip_gre pernet operations. 2009-12-01 16:15:57 -08:00
ip_input.c net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ip_options.c
ip_output.c ip: fix mc_loop checks for tunnels with multicast outer addresses 2010-01-06 20:37:01 -08:00
ip_sockglue.c
ipcomp.c
ipconfig.c Merge branch 'for-2.6.33' of git://linux-nfs.org/~bfields/linux 2009-12-16 10:43:34 -08:00
ipip.c net: Simplify ipip pernet operations. 2009-12-01 16:15:58 -08:00
ipmr.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-11-17 00:05:02 -08:00
netfilter.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
proc.c
protocol.c
raw.c
route.c ipv4: don't remove /proc/net/rt_acct 2010-01-17 19:24:49 -08:00
syncookies.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
sysctl_net_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
tcp.c tcp: Remove runtime check that can never be true. 2009-12-08 20:07:54 -08:00
tcp_bic.c
tcp_cong.c
tcp_cubic.c
tcp_diag.c tcp: diag: Dont report negative values for rx queue 2009-12-03 16:06:13 -08:00
tcp_highspeed.c
tcp_htcp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_ipv4.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_lp.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_minisocks.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_output.c tcp: Revert per-route SACK/DSACK/TIMESTAMP changes. 2009-12-15 20:56:42 -08:00
tcp_probe.c tcp_probe: avoid modulus operation and wrap fix 2010-01-25 15:47:50 -08:00
tcp_scalable.c
tcp_timer.c tcp: Stalling connections: Move timeout calculation routine 2009-12-08 20:56:11 -08:00
tcp_vegas.c
tcp_vegas.h
tcp_veno.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tcp_westwood.c
tcp_yeah.c net/ipv4: Move && and || to end of previous line 2009-11-23 10:41:23 -08:00
tunnel4.c
udp.c udp: udp_lib_get_port() fix 2009-12-13 19:32:39 -08:00
udp_impl.h
udplite.c
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c netns xfrm: deal with dst entries in netns 2010-01-24 22:47:53 -08:00
xfrm4_state.c
xfrm4_tunnel.c