From 3bb13dd4cae022aab8bb7605bb5e3cc97e7523e0 Mon Sep 17 00:00:00 2001 From: Eric Dumazet Date: Fri, 24 May 2019 09:03:35 -0700 Subject: [PATCH] netfilter: ipv6: nf_defrag: no longer reference init_net in nf_ct_frag6_sysctl_table (struct net *)->nf_frag.fqdir will soon be a pointer, so make sure nf_ct_frag6_sysctl_table[] does not reference init_net. nf_ct_frag6_sysctl_register() can perform the needed initialization for all netns. Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller --- net/ipv6/netfilter/nf_conntrack_reasm.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index 46073e9a6c56..3387ce530409 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c @@ -58,26 +58,21 @@ static struct inet_frags nf_frags; static struct ctl_table nf_ct_frag6_sysctl_table[] = { { .procname = "nf_conntrack_frag6_timeout", - .data = &init_net.nf_frag.fqdir.timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = proc_dointvec_jiffies, }, { .procname = "nf_conntrack_frag6_low_thresh", - .data = &init_net.nf_frag.fqdir.low_thresh, .maxlen = sizeof(unsigned long), .mode = 0644, .proc_handler = proc_doulongvec_minmax, - .extra2 = &init_net.nf_frag.fqdir.high_thresh }, { .procname = "nf_conntrack_frag6_high_thresh", - .data = &init_net.nf_frag.fqdir.high_thresh, .maxlen = sizeof(unsigned long), .mode = 0644, .proc_handler = proc_doulongvec_minmax, - .extra1 = &init_net.nf_frag.fqdir.low_thresh }, { } }; @@ -93,15 +88,15 @@ static int nf_ct_frag6_sysctl_register(struct net *net) GFP_KERNEL); if (table == NULL) goto err_alloc; - - table[0].data = &net->nf_frag.fqdir.timeout; - table[1].data = &net->nf_frag.fqdir.low_thresh; - table[1].extra2 = &net->nf_frag.fqdir.high_thresh; - table[2].data = &net->nf_frag.fqdir.high_thresh; - table[2].extra1 = &net->nf_frag.fqdir.low_thresh; - table[2].extra2 = &init_net.nf_frag.fqdir.high_thresh; } + table[0].data = &net->nf_frag.fqdir.timeout; + table[1].data = &net->nf_frag.fqdir.low_thresh; + table[1].extra2 = &net->nf_frag.fqdir.high_thresh; + table[2].data = &net->nf_frag.fqdir.high_thresh; + table[2].extra1 = &net->nf_frag.fqdir.low_thresh; + table[2].extra2 = &init_net.nf_frag.fqdir.high_thresh; + hdr = register_net_sysctl(net, "net/netfilter", table); if (hdr == NULL) goto err_reg;