diff options
| author | Taehee Yoo | 2019-04-29 18:55:29 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2019-06-15 11:54:06 +0200 |
| commit | 028b3d8d549e276ffa34835aeb2c2a18c98e7ca3 (patch) | |
| tree | 60aaa0dcf3f15f3911eca50c8c17314efaf1008b /net/netfilter | |
| parent | netfilter: nf_flow_table: check ttl value in flow offload data path (diff) | |
| download | kernel-qcow2-linux-028b3d8d549e276ffa34835aeb2c2a18c98e7ca3.tar.gz kernel-qcow2-linux-028b3d8d549e276ffa34835aeb2c2a18c98e7ca3.tar.xz kernel-qcow2-linux-028b3d8d549e276ffa34835aeb2c2a18c98e7ca3.zip | |
netfilter: nf_flow_table: fix netdev refcnt leak
[ Upstream commit 26a302afbe328ecb7507cae2035d938e6635131b ]
flow_offload_alloc() calls nf_route() to get a dst_entry. Internally,
nf_route() calls ip_route_output_key() that allocates a dst_entry and
holds it. So, a dst_entry should be released by dst_release() if
nf_route() is successful.
Otherwise, netns exit routine cannot be finished and the following
message is printed:
[ 257.490952] unregister_netdevice: waiting for lo to become free. Usage count = 1
Fixes: ac2a66665e23 ("netfilter: add generic flow table infrastructure")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/nft_flow_offload.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c index 436cc14cfc59..7f85af4c40ff 100644 --- a/net/netfilter/nft_flow_offload.c +++ b/net/netfilter/nft_flow_offload.c @@ -113,6 +113,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr, if (ret < 0) goto err_flow_add; + dst_release(route.tuple[!dir].dst); return; err_flow_add: |