Skip to content

Commit 43b18db

Browse files
committed
Merge branch 'master' of git://1984.lsi.us.es/nf
Pablo Neira Ayuso says: ==================== The following patchset contains Netfilter fixes for your net tree, they are: * Don't generate audit log message if audit is not enabled, from Gao Feng. * Fix logging formatting for packets dropped by helpers, by Joe Perches. * Fix a compilation warning in nfnetlink if CONFIG_PROVE_RCU is not set, from Paul Bolle. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2 parents 8b4cd8a + 9df9e78 commit 43b18db

3 files changed

Lines changed: 14 additions & 7 deletions

File tree

net/netfilter/nf_conntrack_helper.c

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -339,6 +339,13 @@ void nf_ct_helper_log(struct sk_buff *skb, const struct nf_conn *ct,
339339
{
340340
const struct nf_conn_help *help;
341341
const struct nf_conntrack_helper *helper;
342+
struct va_format vaf;
343+
va_list args;
344+
345+
va_start(args, fmt);
346+
347+
vaf.fmt = fmt;
348+
vaf.va = &args;
342349

343350
/* Called from the helper function, this call never fails */
344351
help = nfct_help(ct);
@@ -347,7 +354,9 @@ void nf_ct_helper_log(struct sk_buff *skb, const struct nf_conn *ct,
347354
helper = rcu_dereference(help->helper);
348355

349356
nf_log_packet(nf_ct_l3num(ct), 0, skb, NULL, NULL, NULL,
350-
"nf_ct_%s: dropping packet: %s ", helper->name, fmt);
357+
"nf_ct_%s: dropping packet: %pV ", helper->name, &vaf);
358+
359+
va_end(args);
351360
}
352361
EXPORT_SYMBOL_GPL(nf_ct_helper_log);
353362

net/netfilter/nfnetlink.c

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -62,11 +62,6 @@ void nfnl_unlock(__u8 subsys_id)
6262
}
6363
EXPORT_SYMBOL_GPL(nfnl_unlock);
6464

65-
static struct mutex *nfnl_get_lock(__u8 subsys_id)
66-
{
67-
return &table[subsys_id].mutex;
68-
}
69-
7065
int nfnetlink_subsys_register(const struct nfnetlink_subsystem *n)
7166
{
7267
nfnl_lock(n->subsys_id);
@@ -199,7 +194,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
199194
rcu_read_unlock();
200195
nfnl_lock(subsys_id);
201196
if (rcu_dereference_protected(table[subsys_id].subsys,
202-
lockdep_is_held(nfnl_get_lock(subsys_id))) != ss ||
197+
lockdep_is_held(&table[subsys_id].mutex)) != ss ||
203198
nfnetlink_find_client(type, ss) != nc)
204199
err = -EAGAIN;
205200
else if (nc->call)

net/netfilter/xt_AUDIT.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,9 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
124124
const struct xt_audit_info *info = par->targinfo;
125125
struct audit_buffer *ab;
126126

127+
if (audit_enabled == 0)
128+
goto errout;
129+
127130
ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT);
128131
if (ab == NULL)
129132
goto errout;

0 commit comments

Comments
 (0)