From 87131f2882220e0b5d64e2b611f8cd6eb6331d78 Mon Sep 17 00:00:00 2001 From: Serhey Popovych Date: Thu, 5 Mar 2020 17:28:24 +0200 Subject: ip_set: Fix compatibility with kernels between v3.3 and v4.5 These kernels does not have in their @struct netlink_dump_control method that is used to prepare for netlink dump ->start(). This affects all kernels that does not contain commit fc9e50f5a5a4 ("netlink: add a start callback for starting a netlink dump"). Introduce fake value of HAVE_NETLINK_DUMP_START_ARGS equal to 7 that never spot in the wild and set HAVE_NETLINK_DUMP_START_ARGS to 4 only after explicit test if ->start() is available. Fixes: 7725bf5ba041 ("netfilter: ipset: fix suspicious RCU usage in find_set_and_id") Signed-off-by: Serhey Popovych Signed-off-by: Jozsef Kadlecsik --- configure.ac | 6 +++++- kernel/net/netfilter/ipset/ip_set_core.c | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index c707755..d3a2758 100644 --- a/configure.ac +++ b/configure.ac @@ -319,9 +319,13 @@ elif test -f $ksourcedir/include/linux/netlink.h && \ $AWK '/ netlink_dump_start\(/,/\)/' $ksourcedir/include/linux/netlink.h | $GREP -q 'min_dump_alloc.*;'; then AC_MSG_RESULT(6 args) AC_SUBST(HAVE_NETLINK_DUMP_START_ARGS, 6) -else +elif test -f $ksourcedir/include/linux/netlink.h && \ + $AWK '/^struct netlink_dump_control {/,/\}/' $ksourcedir/include/linux/netlink.h | $GREP -q '\(\*start\)'; then AC_MSG_RESULT(4 args) AC_SUBST(HAVE_NETLINK_DUMP_START_ARGS, 4) +else + AC_MSG_RESULT(7 fake args) + AC_SUBST(HAVE_NETLINK_DUMP_START_ARGS, 7) fi AC_MSG_CHECKING([kernel source for ns_capable]) diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c index 082d89d..906d01a 100644 --- a/kernel/net/netfilter/ipset/ip_set_core.c +++ b/kernel/net/netfilter/ipset/ip_set_core.c @@ -1734,7 +1734,9 @@ IPSET_CBFN(ip_set_dump, struct net *net, struct sock *ctnl, #else { struct netlink_dump_control c = { +#if HAVE_NETLINK_DUMP_START_ARGS == 4 .start = ip_set_dump_start, +#endif .dump = ip_set_dump_do, .done = ip_set_dump_done, }; -- cgit v1.2.3