struct ctnl_timeout *timeout;
struct nf_conn_timeout *timeout_ext;
+ rcu_read_lock();
timeout_find_get =
rcu_dereference(nf_ct_timeout_find_get_hook);
ret = -EINVAL;
pr_info("You cannot use inversion on "
"L4 protocol\n");
- goto err3;
+ goto err4;
}
timeout = timeout_find_get(info->timeout);
if (timeout == NULL) {
ret = -ENOENT;
pr_info("No such timeout policy \"%s\"\n",
info->timeout);
- goto err3;
+ goto err4;
}
if (timeout->l3num != par->family) {
ret = -EINVAL;
pr_info("Timeout policy `%s' can only be "
"used by L3 protocol number %d\n",
info->timeout, timeout->l3num);
- goto err3;
+ goto err4;
}
if (timeout->l4proto->l4proto != e->ip.proto) {
ret = -EINVAL;
"used by L4 protocol number %d\n",
info->timeout,
timeout->l4proto->l4proto);
- goto err3;
+ goto err4;
}
timeout_ext = nf_ct_timeout_ext_add(ct, timeout,
GFP_KERNEL);
if (timeout_ext == NULL) {
ret = -ENOMEM;
- goto err3;
+ goto err4;
}
} else {
ret = -ENOENT;
pr_info("Timeout policy base is empty\n");
- goto err3;
+ goto err4;
}
+ rcu_read_unlock();
}
#endif
info->ct = ct;
return 0;
+err4:
+ rcu_read_unlock();
err3:
nf_conntrack_free(ct);
err2:
nf_ct_l3proto_module_put(par->family);
#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
+ rcu_read_lock();
timeout_put = rcu_dereference(nf_ct_timeout_put_hook);
if (timeout_put) {
if (timeout_ext)
timeout_put(timeout_ext->timeout);
}
+ rcu_read_unlock();
#endif
}
nf_ct_put(info->ct);