netfilter: bridge: refcount fix

commit f216f082b2b37c4943f1e7c393e2786648d48f6f
([NETFILTER]: bridge netfilter: deal with martians correctly)
added a refcount leak on in_dev.

Instead of using in_dev_get(), we can use __in_dev_get_rcu(),
as netfilter hooks are running under rcu_read_lock(), as pointed
by Patrick.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 4fde7425077d7401a52a263883caddacc1536dde..907a82e9023d1d4cb09a82c677afad229657ca34 100644 (file)
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -359,7 +359,7 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb)
                                },
                                .proto = 0,
                        };
-                       struct in_device *in_dev = in_dev_get(dev);
+                       struct in_device *in_dev = __in_dev_get_rcu(dev);
 
                        /* If err equals -EHOSTUNREACH the error is due to a
                         * martian destination or due to the fact that