diff options
author | Jakub Kicinski <kuba@kernel.org> | 2021-01-13 05:25:29 +0100 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2021-01-13 05:25:29 +0100 |
commit | c8a8ead01736419a14c3106e1f26a79d74fc84c7 (patch) | |
tree | 24a6bfdd5bd71609a7d8d4bd9d59c6ef018f2234 /net | |
parent | Merge branch 'net-smc-fix-out-of-bound-access-in-netlink-interface' (diff) | |
parent | netfilter: nf_nat: Fix memleak in nf_nat_init (diff) | |
download | linux-c8a8ead01736419a14c3106e1f26a79d74fc84c7.tar.xz linux-c8a8ead01736419a14c3106e1f26a79d74fc84c7.zip |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
1) Pass conntrack -f to specify family in netfilter conntrack helper
selftests, from Chen Yi.
2) Honor hashsize modparam from nf_conntrack_buckets sysctl,
from Jesper D. Brouer.
3) Fix memleak in nf_nat_init() error path, from Dinghao Liu.
* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
netfilter: nf_nat: Fix memleak in nf_nat_init
netfilter: conntrack: fix reading nf_conntrack_buckets
selftests: netfilter: Pass family parameter "-f" to conntrack tool
====================
Link: https://lore.kernel.org/r/20210112222033.9732-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_conntrack_standalone.c | 3 | ||||
-rw-r--r-- | net/netfilter/nf_nat_core.c | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 46c5557c1fec..0ee702d374b0 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -523,6 +523,9 @@ nf_conntrack_hash_sysctl(struct ctl_table *table, int write, { int ret; + /* module_param hashsize could have changed value */ + nf_conntrack_htable_size_user = nf_conntrack_htable_size; + ret = proc_dointvec(table, write, buffer, lenp, ppos); if (ret < 0 || !write) return ret; diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c index ea923f8cf9c4..b7c3c902290f 100644 --- a/net/netfilter/nf_nat_core.c +++ b/net/netfilter/nf_nat_core.c @@ -1174,6 +1174,7 @@ static int __init nf_nat_init(void) ret = register_pernet_subsys(&nat_net_ops); if (ret < 0) { nf_ct_extend_unregister(&nat_extend); + kvfree(nf_nat_bysource); return ret; } |