summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Oester <kernel@linuxace.com>2013-08-27 16:41:40 -0700
committerDavid S. Miller <davem@davemloft.net>2013-08-30 16:02:04 -0400
commiteb8895debe1baba41fcb62c78a16f0c63c21662a (patch)
tree34d0b152e89843164b89f7c191877e6c15267c2a
parentcc0fdd802859eaeb00e1c87dbb655594bed2844c (diff)
downloadlinux-eb8895debe1baba41fcb62c78a16f0c63c21662a.tar.gz
linux-eb8895debe1baba41fcb62c78a16f0c63c21662a.tar.bz2
linux-eb8895debe1baba41fcb62c78a16f0c63c21662a.zip
tcp: tcp_make_synack() should use sock_wmalloc
In commit 90ba9b19 (tcp: tcp_make_synack() can use alloc_skb()), Eric changed the call to sock_wmalloc in tcp_make_synack to alloc_skb. In doing so, the netfilter owner match lost its ability to block the SYNACK packet on outbound listening sockets. Revert the change, restoring the owner match functionality. This closes netfilter bugzilla #847. Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/tcp_output.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index e2972993c671..170737a9d56d 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -2670,7 +2670,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
int tcp_header_size;
int mss;
- skb = alloc_skb(MAX_TCP_HEADER + 15, sk_gfp_atomic(sk, GFP_ATOMIC));
+ skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15, 1, GFP_ATOMIC);
if (unlikely(!skb)) {
dst_release(dst);
return NULL;