From aa458c2dd4eacd822f8b55d929f69697dc50bdf1 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Sun, 29 Mar 2015 12:13:53 +0200 Subject: RCU safe comment extension handling Signed-off-by: Jozsef Kadlecsik --- kernel/net/netfilter/ipset/ip_set_bitmap_gen.h | 14 ++++++++++---- kernel/net/netfilter/ipset/ip_set_list_set.c | 13 +++++++++---- 2 files changed, 19 insertions(+), 8 deletions(-) (limited to 'kernel/net') diff --git a/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h b/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h index dba65b4..381a011 100644 --- a/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h +++ b/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h @@ -203,10 +203,13 @@ mtype_list(const struct ip_set *set, struct nlattr *adt, *nested; void *x; u32 id, first = cb->args[IPSET_CB_ARG0]; + int ret = 0; adt = ipset_nest_start(skb, IPSET_ATTR_ADT); if (!adt) return -EMSGSIZE; + /* Extensions may be replaced */ + rcu_read_lock(); for (; cb->args[IPSET_CB_ARG0] < map->elements; cb->args[IPSET_CB_ARG0]++) { id = cb->args[IPSET_CB_ARG0]; @@ -222,7 +225,8 @@ mtype_list(const struct ip_set *set, if (!nested) { if (id == first) { nla_nest_cancel(skb, adt); - return -EMSGSIZE; + ret = -EMSGSIZE; + goto out; } goto nla_put_failure; @@ -239,16 +243,18 @@ mtype_list(const struct ip_set *set, /* Set listing finished */ cb->args[IPSET_CB_ARG0] = 0; - return 0; + goto out; nla_put_failure: nla_nest_cancel(skb, nested); if (unlikely(id == first)) { cb->args[IPSET_CB_ARG0] = 0; - return -EMSGSIZE; + ret = -EMSGSIZE; } ipset_nest_end(skb, adt); - return 0; +out: + rcu_read_unlock(); + return ret; } static void diff --git a/kernel/net/netfilter/ipset/ip_set_list_set.c b/kernel/net/netfilter/ipset/ip_set_list_set.c index 8edadb5..0b88000 100644 --- a/kernel/net/netfilter/ipset/ip_set_list_set.c +++ b/kernel/net/netfilter/ipset/ip_set_list_set.c @@ -478,6 +478,7 @@ list_set_list(const struct ip_set *set, struct nlattr *atd, *nested; u32 i = 0, first = cb->args[IPSET_CB_ARG0]; struct set_elem *e; + int ret = 0; atd = ipset_nest_start(skb, IPSET_ATTR_ADT); if (!atd) @@ -488,6 +489,7 @@ list_set_list(const struct ip_set *set, i++; } + rcu_read_lock(); list_for_each_entry_from(e, &map->members, list) { i++; if (SET_WITH_TIMEOUT(set) && @@ -497,7 +499,8 @@ list_set_list(const struct ip_set *set, if (!nested) { if (i == first) { nla_nest_cancel(skb, atd); - return -EMSGSIZE; + ret = -EMSGSIZE; + goto out; } goto nla_put_failure; } @@ -512,17 +515,19 @@ list_set_list(const struct ip_set *set, ipset_nest_end(skb, atd); /* Set listing finished */ cb->args[IPSET_CB_ARG0] = 0; - return 0; + goto out; nla_put_failure: nla_nest_cancel(skb, nested); if (unlikely(i == first)) { cb->args[IPSET_CB_ARG0] = 0; - return -EMSGSIZE; + ret = -EMSGSIZE; } cb->args[IPSET_CB_ARG0] = i - 1; ipset_nest_end(skb, atd); - return 0; +out: + rcu_read_unlock(); + return ret; } static bool -- cgit v1.2.3