diff options
| author | David S. Miller <davem@davemloft.net> | 2020-12-10 05:55:46 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2020-12-10 05:55:46 +0300 |
| commit | b7e4ba9a91dffd298d940b4d3f173121ff829a32 (patch) | |
| tree | 377e5c1059bfdd5b30090ef84e2d4b8ee45fdcc1 /include/linux | |
| parent | 88287773ff6f53c47e1902ae3ae19084ef5c69aa (diff) | |
| parent | 2d94b20b95b009eec1a267dcf026b01af627c0cd (diff) | |
| download | linux-b7e4ba9a91dffd298d940b4d3f173121ff829a32.tar.xz | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for net:
1) Switch to RCU in x_tables to fix possible NULL pointer dereference,
from Subash Abhinov Kasiviswanathan.
2) Fix netlink dump of dynset timeouts later than 23 days.
3) Add comment for the indirect serialization of the nft commit mutex
with rtnl_mutex.
4) Remove bogus check for confirmed conntrack when matching on the
conntrack ID, from Brett Mastbergen.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 5deb099d156d..8ebb64193757 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h @@ -227,7 +227,7 @@ struct xt_table { unsigned int valid_hooks; /* Man behind the curtain... */ - struct xt_table_info *private; + struct xt_table_info __rcu *private; /* Set this to THIS_MODULE if you are a module, otherwise NULL */ struct module *me; @@ -448,6 +448,9 @@ xt_get_per_cpu_counter(struct xt_counters *cnt, unsigned int cpu) struct nf_hook_ops *xt_hook_ops_alloc(const struct xt_table *, nf_hookfn *); +struct xt_table_info +*xt_table_get_private_protected(const struct xt_table *table); + #ifdef CONFIG_COMPAT #include <net/compat.h> |