[NETFILTER]: nfnetlink_queue: fix EPERM when binding/unbinding and instance 0 exists
authorPatrick McHardy <kaber@trash.net>
Mon, 10 Mar 2008 23:44:36 +0000 (16:44 -0700)
committerDavid S. Miller <davem@davemloft.net>
Mon, 10 Mar 2008 23:44:36 +0000 (16:44 -0700)
Similar to the nfnetlink_log problem, nfnetlink_queue incorrectly
returns -EPERM when binding or unbinding to an address family and
queueing instance 0 exists and is owned by a different process. Unlike
nfnetlink_log it previously completes the operation, but it is still
incorrect.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nfnetlink_queue.c

index c0cc3d3618a3d8abd878a0cb539e1eae2332e454..012cb69108202c6ac1060847a7050a874e12931c 100644 (file)
@@ -703,19 +703,12 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
                /* Commands without queue context - might sleep */
                switch (cmd->command) {
                case NFQNL_CFG_CMD_PF_BIND:
-                       ret = nf_register_queue_handler(ntohs(cmd->pf),
-                                                       &nfqh);
-                       break;
+                       return nf_register_queue_handler(ntohs(cmd->pf),
+                                                        &nfqh);
                case NFQNL_CFG_CMD_PF_UNBIND:
-                       ret = nf_unregister_queue_handler(ntohs(cmd->pf),
-                                                         &nfqh);
-                       break;
-               default:
-                       break;
+                       return nf_unregister_queue_handler(ntohs(cmd->pf),
+                                                          &nfqh);
                }
-
-               if (ret < 0)
-                       return ret;
        }
 
        rcu_read_lock();