[NETFILTER]: Fix kernel panic with REDIRECT target.

[linux-2.6-omap-h63xx.git] / net / unix / af_unix.c

diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 6996cba5aa9664ac99f706b626137d98fb99d286..e835da8fc09184f8e2dddcba9c471922af1b1165 100644 (file)
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -457,7 +457,7 @@ static int unix_release_sock (struct sock *sk, int embrion)
         *        What the above comment does talk about? --ANK(980817)
         */
 
-       if (atomic_read(&unix_tot_inflight))
+       if (unix_tot_inflight)
                unix_gc();              /* Garbage collect fds */
 
        return 0;
@@ -483,7 +483,7 @@ static int unix_listen(struct socket *sock, int backlog)
        sk->sk_max_ack_backlog  = backlog;
        sk->sk_state            = TCP_LISTEN;
        /* set credentials so connect can copy them */
-       sk->sk_peercred.pid     = current->tgid;
+       sk->sk_peercred.pid     = task_tgid_vnr(current);
        sk->sk_peercred.uid     = current->euid;
        sk->sk_peercred.gid     = current->egid;
        err = 0;
@@ -599,15 +599,14 @@ static struct sock * unix_create1(struct net *net, struct socket *sock)
        struct sock *sk = NULL;
        struct unix_sock *u;
 
-       if (atomic_read(&unix_nr_socks) >= 2*get_max_files())
+       atomic_inc(&unix_nr_socks);
+       if (atomic_read(&unix_nr_socks) > 2 * get_max_files())
                goto out;
 
-       sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto, 1);
+       sk = sk_alloc(net, PF_UNIX, GFP_KERNEL, &unix_proto);
        if (!sk)
                goto out;
 
-       atomic_inc(&unix_nr_socks);
-
        sock_init_data(sock,sk);
        lockdep_set_class(&sk->sk_receive_queue.lock,
                                &af_unix_sk_receive_queue_lock_key);
@@ -625,6 +624,8 @@ static struct sock * unix_create1(struct net *net, struct socket *sock)
        init_waitqueue_head(&u->peer_wait);
        unix_insert_socket(unix_sockets_unbound, sk);
 out:
+       if (sk == NULL)
+               atomic_dec(&unix_nr_socks);
        return sk;
 }
 
@@ -1133,7 +1134,7 @@ restart:
        unix_peer(newsk)        = sk;
        newsk->sk_state         = TCP_ESTABLISHED;
        newsk->sk_type          = sk->sk_type;
-       newsk->sk_peercred.pid  = current->tgid;
+       newsk->sk_peercred.pid  = task_tgid_vnr(current);
        newsk->sk_peercred.uid  = current->euid;
        newsk->sk_peercred.gid  = current->egid;
        newu = unix_sk(newsk);
@@ -1194,7 +1195,7 @@ static int unix_socketpair(struct socket *socka, struct socket *sockb)
        sock_hold(skb);
        unix_peer(ska)=skb;
        unix_peer(skb)=ska;
-       ska->sk_peercred.pid = skb->sk_peercred.pid = current->tgid;
+       ska->sk_peercred.pid = skb->sk_peercred.pid = task_tgid_vnr(current);
        ska->sk_peercred.uid = skb->sk_peercred.uid = current->euid;
        ska->sk_peercred.gid = skb->sk_peercred.gid = current->egid;