-rw-r--r--net/bridge/netfilter/ebt_ulog.c9
-rw-r--r--net/ipv4/netfilter/arp_tables.c5
-rw-r--r--net/ipv4/netfilter/ip_tables.c5
-rw-r--r--net/ipv4/netfilter/ipt_ULOG.c7
-rw-r--r--net/ipv6/netfilter/ip6_tables.c5
-rw-r--r--net/netfilter/x_tables.c7
6 files changed, 25 insertions, 13 deletions
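--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -181,6 +181,7 @@ static void ebt_ulog_packet(struct net *net, unsigned int hooknr,
 ub->qlen++;
 
 pm = nlmsg_data(nlh);
+memset(pm, 0, sizeof(*pm));
 
 /* Fill in the ulog data */
 pm->version = EBT_ULOG_VERSION;
@@ -193,8 +194,6 @@ static void ebt_ulog_packet(struct net *net, unsigned int hooknr,
 pm->hook = hooknr;
 if (uloginfo->prefix != NULL)
 strcpy(pm->prefix, uloginfo->prefix);
-else
-*(pm->prefix) = '\0';
 
 if (in) {
 strcpy(pm->physindev, in->name);
@@ -204,16 +203,14 @@ static void ebt_ulog_packet(struct net *net, unsigned int hooknr,
 strcpy(pm->indev, br_port_get_rcu(in)->br->dev->name);
 else
 strcpy(pm->indev, in->name);
-} else
-pm->indev[0] = pm->physindev[0] = '\0';
+}
 
 if (out) {
 /* If out exists, then out is a bridge port */
 strcpy(pm->physoutdev, out->name);
 /* rcu_read_lock()ed by nf_hook_slow */
 strcpy(pm->outdev, br_port_get_rcu(out)->br->dev->name);
-} else
-pm->outdev[0] = pm->physoutdev[0] = '\0';
+}
 
 if (skb_copy_bits(skb, -ETH_HLEN, pm->data, copy_len) < 0)
 BUG();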
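Review bot: The `strcpy(pm->prefix, uloginfo->prefix)` kept on new line 196 copies rule-supplied data into a fixed-size field of the netlink message with no bound, so zeroing `*pm` first removes the stale bytes but does nothing about a prefix that is not NUL-terminated within the field. Whether the rule's prefix is guaranteed to be terminated is decided outside these hunks (presumably when the rule is checked), so a bounded copy would make this function safe on its own: `strlcpy(pm->prefix, uloginfo->prefix, sizeof(pm->prefix));`. The device-name copies are less of a concern if, as seems likely, source and destination are both interface-name-sized buffers. ebt_ulog_packet's body starts and ends outside the hunks.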
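--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -271,6 +271,11 @@ unsigned int arpt_do_table(struct sk_buff *skb,
 local_bh_disable();
 addend = xt_write_recseq_begin();
 private = table->private;
+/*
+* Ensure we load private-> members after we've fetched the base
+* pointer.
+*/
+smp_read_barrier_depends();
 table_base = private->entries[smp_processor_id()];
 
 e = get_entry(table_base, private->hook_entry[hook]);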
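Review bot: The load `private = table->private;` that the new barrier is meant to order is still a plain access, so in principle the compiler remains free to refetch it after the barrier. Marking the load keeps the dependency chain explicit: `private = ACCESS_ONCE(table->private);` followed by the existing `smp_read_barrier_depends();`. The same applies to the identical additions in ipt_do_table() (net/ipv4/netfilter/ip_tables.c) and ip6t_do_table() (net/ipv6/netfilter/ip6_tables.c). The comment would also be easier to audit if it named the writer side it pairs with, the `smp_wmb()` added in xt_replace_table(). arpt_do_table's body continues outside the hunk.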
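--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -327,6 +327,11 @@ ipt_do_table(struct sk_buff *skb,
 addend = xt_write_recseq_begin();
 private = table->private;
 cpu = smp_processor_id();
+/*
+* Ensure we load private-> members after we've fetched the base
+* pointer.
+*/
+smp_read_barrier_depends();
 table_base = private->entries[cpu];
 jumpstack = (struct ipt_entry **)private->jumpstack[cpu];
 stackptr = per_cpu_ptr(private->stackptr, cpu);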
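Review bot: The barrier here is separated from the load it orders by `cpu = smp_processor_id();`, whereas arp_tables.c and ip6_tables.c place it directly after `private = table->private;`. This is harmless because `cpu` does not depend on `private`, but keeping the comment and `smp_read_barrier_depends();` immediately after the pointer load in all three functions makes the pairing with the writer easier to check. ipt_do_table's body starts and ends outside the hunk.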
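--- a/net/ipv4/netfilter/ipt_ULOG.c
+++ b/net/ipv4/netfilter/ipt_ULOG.c
@@ -220,6 +220,7 @@ static void ipt_ulog_packet(struct net *net,
 ub->qlen++;
 
 pm = nlmsg_data(nlh);
+memset(pm, 0, sizeof(*pm));
 
 /* We might not have a timestamp, get one */
 if (skb->tstamp.tv64 == 0)
@@ -238,8 +239,6 @@ static void ipt_ulog_packet(struct net *net,
 }
 else if (loginfo->prefix[0] != '\0')
 strncpy(pm->prefix, loginfo->prefix, sizeof(pm->prefix));
-else
-*(pm->prefix) = '\0';
 
 if (in && in->hard_header_len > 0 &&
 skb->mac_header != skb->network_header &&
@@ -251,13 +250,9 @@ static void ipt_ulog_packet(struct net *net,
 
 if (in)
 strncpy(pm->indev_name, in->name, sizeof(pm->indev_name));
-else
-pm->indev_name[0] = '\0';
 
 if (out)
 strncpy(pm->outdev_name, out->name, sizeof(pm->outdev_name));
-else
-pm->outdev_name[0] = '\0';
 
 /* copy_len <= skb->len, so can't fail. */
 if (skb_copy_bits(skb, 0, pm->payload, copy_len) < 0)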
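Review bot: `strncpy(pm->prefix, loginfo->prefix, sizeof(pm->prefix))` on new line 241 leaves `pm->prefix` without a terminating NUL when the source fills the whole field, and with the `else` branches gone the zeroing from `memset(pm, 0, sizeof(*pm))` is the only terminator these fields ever get. A userspace log reader that treats the prefix as a C string would then run on into the fields that follow it. Unless rule validation outside these hunks already rejects an unterminated prefix, use `strlcpy(pm->prefix, loginfo->prefix, sizeof(pm->prefix));`; because the struct is now pre-zeroed, the zero padding that strncpy provided is no longer needed. The `indev_name` and `outdev_name` copies on new lines 252 and 255 follow the same pattern, though they are probably fine if both sides are interface-name-sized buffers.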
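--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -349,6 +349,11 @@ ip6t_do_table(struct sk_buff *skb,
 local_bh_disable();
 addend = xt_write_recseq_begin();
 private = table->private;
+/*
+* Ensure we load private-> members after we've fetched the base
+* pointer.
+*/
+smp_read_barrier_depends();
 cpu = smp_processor_id();
 table_base = private->entries[cpu];
 jumpstack = (struct ip6t_entry **)private->jumpstack[cpu];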
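--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -845,8 +845,13 @@ xt_replace_table(struct xt_table *table,
 return NULL;
 }
 
-table->private = newinfo;
 newinfo->initial_entries = private->initial_entries;
+/*
+* Ensure contents of newinfo are visible before assigning to
+* private.
+*/
+smp_wmb();
+table->private = newinfo;
 
 /*
 * Even though table entries have now been swapped, other CPU's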
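Review bot: The new comment above `smp_wmb()` does not say which read-side barrier it pairs with, so the publication of `newinfo` cannot be verified from this file alone. I would add a line to it such as `* Pairs with smp_read_barrier_depends() in ipt_do_table(), ip6t_do_table() and arpt_do_table().` The store `table->private = newinfo;` is itself a plain assignment, so the ordering rests entirely on this barrier and on the readers keeping theirs. xt_replace_table's body starts and ends outside the hunk.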