[NETFILTER]: nfnetlink_queue: fix EPERM when binding/unbinding and instance 0 exists
Similar to the nfnetlink_log problem, nfnetlink_queue incorrectly returns -EPERM when binding or unbinding to an address family and queueing instance 0 exists and is owned by a different process. Unlike nfnetlink_log it previously completes the operation, but it is still incorrect. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Родитель
b7047a1c88
Коммит
914afea84e
|
@ -703,19 +703,12 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
|
||||||
/* Commands without queue context - might sleep */
|
/* Commands without queue context - might sleep */
|
||||||
switch (cmd->command) {
|
switch (cmd->command) {
|
||||||
case NFQNL_CFG_CMD_PF_BIND:
|
case NFQNL_CFG_CMD_PF_BIND:
|
||||||
ret = nf_register_queue_handler(ntohs(cmd->pf),
|
return nf_register_queue_handler(ntohs(cmd->pf),
|
||||||
&nfqh);
|
&nfqh);
|
||||||
break;
|
|
||||||
case NFQNL_CFG_CMD_PF_UNBIND:
|
case NFQNL_CFG_CMD_PF_UNBIND:
|
||||||
ret = nf_unregister_queue_handler(ntohs(cmd->pf),
|
return nf_unregister_queue_handler(ntohs(cmd->pf),
|
||||||
&nfqh);
|
&nfqh);
|
||||||
break;
|
|
||||||
default:
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
|
|
Загрузка…
Ссылка в новой задаче