diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index ef1c856..212dac3 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -31,6 +31,7 @@ #include #include #include +#include #include #include @@ -1194,6 +1195,7 @@ int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp) unsigned int hashsize, old_size; struct hlist_nulls_head *hash, *old_hash; struct nf_conntrack_tuple_hash *h; + struct net *net = current->nsproxy->net_ns; /* On boot, we can set this without any fancy locking. */ if (!nf_conntrack_htable_size) @@ -1213,9 +1215,9 @@ int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp) * though since that required taking the lock. */ spin_lock_bh(&nf_conntrack_lock); - for (i = 0; i < init_net.ct.htable_size; i++) { - while (!hlist_nulls_empty(&init_net.ct.hash[i])) { - h = hlist_nulls_entry(init_net.ct.hash[i].first, + for (i = 0; i < net->ct.htable_size; i++) { + while (!hlist_nulls_empty(&net->ct.hash[i])) { + h = hlist_nulls_entry(net->ct.hash[i].first, struct nf_conntrack_tuple_hash, hnnode); hlist_nulls_del_rcu(&h->hnnode); bucket = __hash_conntrack(&h->tuple, hashsize, @@ -1223,13 +1225,13 @@ int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp) hlist_nulls_add_head_rcu(&h->hnnode, &hash[bucket]); } } - old_size = init_net.ct.htable_size; - old_vmalloced = init_net.ct.hash_vmalloc; - old_hash = init_net.ct.hash; + old_size = net->ct.htable_size; + old_vmalloced = net->ct.hash_vmalloc; + old_hash = net->ct.hash; - init_net.ct.htable_size = nf_conntrack_htable_size = hashsize; - init_net.ct.hash_vmalloc = vmalloced; - init_net.ct.hash = hash; + net->ct.htable_size = nf_conntrack_htable_size = hashsize; + net->ct.hash_vmalloc = vmalloced; + net->ct.hash = hash; spin_unlock_bh(&nf_conntrack_lock); nf_ct_free_hashtable(old_hash, old_vmalloced, old_size);