[Devel,RHEL7,COMMIT] ve/net: Delete allow_conntrack_allocation() from nf_synproxy

Submitted by Konstantin Khorenko on Nov. 7, 2016, 8 a.m.

Details

Message ID 201611070800.uA7805BH028231@finist_cl7.x64_64.work.ct
State New
Series "ve/net: Delete allow_conntrack_allocation() from nf_synproxy"
Headers show

Commit Message

Konstantin Khorenko Nov. 7, 2016, 8 a.m.
The commit is pushed to "branch-rh7-3.10.0-493.vz7.25.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-493.el7
------>
commit e31e4ae69d4348db20adf6bc1c1ff5ffa1b27232
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Mon Nov 7 12:00:04 2016 +0400

    ve/net: Delete allow_conntrack_allocation() from nf_synproxy
    
    Since nf_conntrack_alloc() is not called there anymore,
    it's not need to allow CT allocation there.
    
    To be merged to commit 894c8a374856
    "net: Mark conntrack users in xtables".
    
    https://jira.sw.ru/browse/PSBM-54823
    
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 net/netfilter/nf_synproxy_core.c | 1 -
 1 file changed, 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
index cf5428f1..8d69ddd 100644
--- a/net/netfilter/nf_synproxy_core.c
+++ b/net/netfilter/nf_synproxy_core.c
@@ -353,7 +353,6 @@  static int __net_init synproxy_net_init(struct net *net)
 	struct nf_conn *ct;
 	int err = -ENOMEM;
 
-	allow_conntrack_allocation(net);
 	ct = nf_ct_tmpl_alloc(net, &nf_ct_zone_dflt, GFP_KERNEL);
 	if (!ct)
 		goto err1;