From patchwork Mon Sep 12 18:03:13 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tim Gardner <tim.gardner@canonical.com>
X-Patchwork-Id: 114409
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 4B6D2B70D1
	for <patchwork-incoming@ozlabs.org>;
	Tue, 13 Sep 2011 04:03:52 +1000 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753092Ab1ILSD0 (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Mon, 12 Sep 2011 14:03:26 -0400
Received: from mail.tpi.com ([70.99.223.143]:2316 "EHLO mail.tpi.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751819Ab1ILSDY (ORCPT <rfc822;netdev@vger.kernel.org>);
	Mon, 12 Sep 2011 14:03:24 -0400
Received: from sepang.rtg.net (mail.tpi.com [70.99.223.143])
	by mail.tpi.com (Postfix) with ESMTP id 0608C2E5F41;
	Mon, 12 Sep 2011 11:03:15 -0700 (PDT)
Received: from [127.0.0.1] (lochsa [127.0.0.1])
	by sepang.rtg.net (Postfix) with ESMTP id 80C87F89F8;
	Mon, 12 Sep 2011 12:03:13 -0600 (MDT)
Message-ID: <4E6E4961.9070802@canonical.com>
Date: Mon, 12 Sep 2011 12:03:13 -0600
From: Tim Gardner <tim.gardner@canonical.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.21) Gecko/20110831 Thunderbird/3.1.13
MIME-Version: 1.0
To: kaber@trash.net, linux-kernel@vger.kernel.org
CC: David Miller <davem@davemloft.net>,
	netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org,
	coreteam@netfilter.org, netdev@vger.kernel.org
Subject: [PATCH] Check net->nfnl for NULL in ctnetlink_conntrack_event to,
	avoid Oops on container destroy
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Patrick,

I received this patch from a developer that uses lxc and network name 
spaces. I don't know the locking semantics well enough for CT to judge 
whether this fix is sufficient. Bug info can be found at 
http://bugs.launchpad.net/bugs/843892 . See comment #7 for his analysis.

rtg

From dcb64e27c7daaf4affe5b1a617b45a9a0364b4ad Mon Sep 17 00:00:00 2001
From: Alex Bligh <alex@alex.org.uk>
Date: Sat, 10 Sep 2011 13:29:12 +0100
Subject: [PATCH] Check net->nfnl for NULL in ctnetlink_conntrack_event to
 avoid Oops on container destroy


Signed-off-by: Alex Bligh <alex@alex.org.uk>
---
 net/netfilter/nf_conntrack_netlink.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 482e90c..0790d0a 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -570,6 +570,11 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
 		return 0;
 
 	net = nf_ct_net(ct);
+
+	/* container deinit, netlink may have died before death_by_timeout */
+	if (!net->nfnl)
+		return 0;
+
 	if (!item->report && !nfnetlink_has_listeners(net, group))
 		return 0;
 
-- 
1.7.5.4