} else if ((verdict & NF_VERDICT_MASK) == NF_QUEUE) {
ret = nf_queue(skb, elem, pf, hook, indev, outdev, okfn,
verdict >> NF_VERDICT_BITS);
- if (ret == -ECANCELED)
- goto next_hook;
+ if (ret < 0) {
+ if (ret == -ECANCELED)
+ goto next_hook;
+ kfree_skb(skb);
+ }
ret = 0;
}
rcu_read_unlock();
/* If it's going away, ignore hook. */
if (!try_module_get(entry->elem->owner)) {
- rcu_read_unlock();
- kfree(entry);
- return -ECANCELED;
+ status = -ECANCELED;
+ goto err_unlock;
}
/* Bump dev refs so they don't vanish while packet is out */
if (indev)
err_unlock:
rcu_read_unlock();
err:
- kfree_skb(skb);
kfree(entry);
return status;
}
}
segs = skb_gso_segment(skb, 0);
- kfree_skb(skb);
/* Does not use PTR_ERR to limit the number of error codes that can be
* returned by nf_queue. For instance, callers rely on -ECANCELED to mean
* 'ignore this hook'.
segs = nskb;
} while (segs);
+ /* also free orig skb if only some segments were queued */
if (unlikely(err && queued))
err = 0;
+ if (err == 0)
+ kfree_skb(skb);
return err;
}
err = __nf_queue(skb, elem, entry->pf, entry->hook,
entry->indev, entry->outdev, entry->okfn,
verdict >> NF_VERDICT_BITS);
- if (err == -ECANCELED)
- goto next_hook;
+ if (err < 0) {
+ if (err == -ECANCELED)
+ goto next_hook;
+ kfree_skb(skb);
+ }
break;
case NF_STOLEN:
default:
projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff