]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ccfe71b) | patch
netfilter: nf_tables: can't assume lock is acquired when dumping set elems
authorLiping Zhang <zlpnobody@gmail.com>
Sun, 14 May 2017 13:35:22 +0000 (21:35 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 15 May 2017 10:51:39 +0000 (12:51 +0200)
commit6a3da046eb380cf480d0313a5c52664ea8f02fc2
tree7e3e452796daa0e76cd98d2fcb97134dbedd98fatree | snapshot
parentccfe71b7a0c772278eb29e42186803ab87675e34commit | diff
netfilter: nf_tables: can't assume lock is acquired when dumping set elems

When dumping the elements related to a specified set, we may invoke the
nf_tables_dump_set with the NFNL_SUBSYS_NFTABLES lock not acquired. So
we should use the proper rcu operation to avoid race condition, just
like other nft dump operations.

Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_set_hash.c diff | blob | history
Linux Kernel Source Tree.