Skip to content
Commit 339031ba authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1 



This is a revert of
7b1957b0 ("netfilter: nf_defrag_ipv4: use net_generic infra")
and a partial revert of
8b0adbe3 ("netfilter: nf_defrag_ipv6: use net_generic infra").

If conntrack is builtin and kernel is booted with:
nf_conntrack.enable_hooks=1

.... kernel will fail to boot due to a NULL deref in
nf_defrag_ipv4_enable(): Its called before the ipv4 defrag initcall is
made, so net_generic() returns NULL.

To resolve this, move the user refcount back to struct net so calls
to those functions are possible even before their initcalls have run.

Fixes: 7b1957b0 ("netfilter: nf_defrag_ipv4: use net_generic infra")
Fixes: 8b0adbe3 ("netfilter: nf_defrag_ipv6: use net_generic infra").
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 3b1b6e82
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment