nf: qtaguid: workaround xt_socket_get_sk() returning bad SKs.
authorJP Abgrall <jpa@google.com>
Tue, 28 Jun 2011 04:03:04 +0000 (21:03 -0700)
committerDan Willemsen <dwillemsen@nvidia.com>
Thu, 1 Dec 2011 05:38:43 +0000 (21:38 -0800)
commit70c55b8b4faf751a63eaf57fc6eff9ac196bcedd
tree714ff1b0ba54a9d863561bb78c1d53035262f312
parent370a7730afe97223c49ed22fb1bd3acc9847a58f
nf: qtaguid: workaround xt_socket_get_sk() returning bad SKs.

(This is a direct cherry pick from 2.6.39: Id2a9912b)

* xt_socket_get_sk() returns invalid sockets when the sk_state is TCP_TIME_WAIT.
Added detection of time-wait.
* Added more constrained usage: qtaguid insures that xt_socket_get*_sk() is
not invoked for unexpected hooks or protocols (but I have not seen those
active at the point where the returned sk is bad).

Signed-off-by: JP Abgrall <jpa@google.com>
Change-Id: Id2a9912bb451a3e59d012fc55bbbd40fbb90693f
net/netfilter/xt_qtaguid.c