summaryrefslogtreecommitdiff
path: root/net/netfilter/xt_TPROXY.c
diff options
context:
space:
mode:
authorLiping Zhang <zlpnobody@gmail.com>2017-04-02 17:27:53 +0800
committerPablo Neira Ayuso <pablo@netfilter.org>2017-04-08 23:52:16 +0200
commit0c7930e5763bdd189bd50035c025a9cbe5e82f23 (patch)
treee050756cd08b43500bc7e2b8a6f803a9f0b376bb /net/netfilter/xt_TPROXY.c
parent3173d5b8c89e67fa3176292ff9af06f09f365348 (diff)
downloadlinux-0c7930e5763bdd189bd50035c025a9cbe5e82f23.tar.gz
linux-0c7930e5763bdd189bd50035c025a9cbe5e82f23.tar.bz2
linux-0c7930e5763bdd189bd50035c025a9cbe5e82f23.zip
netfilter: make it safer during the inet6_dev->addr_list traversal
inet6_dev->addr_list is protected by inet6_dev->lock, so only using rcu_read_lock is not enough, we should acquire read_lock_bh(&idev->lock) before the inet6_dev->addr_list traversal. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/xt_TPROXY.c')
-rw-r--r--net/netfilter/xt_TPROXY.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/netfilter/xt_TPROXY.c b/net/netfilter/xt_TPROXY.c
index 80cb7babeb64..df7f1df00330 100644
--- a/net/netfilter/xt_TPROXY.c
+++ b/net/netfilter/xt_TPROXY.c
@@ -393,7 +393,8 @@ tproxy_laddr6(struct sk_buff *skb, const struct in6_addr *user_laddr,
rcu_read_lock();
indev = __in6_dev_get(skb->dev);
- if (indev)
+ if (indev) {
+ read_lock_bh(&indev->lock);
list_for_each_entry(ifa, &indev->addr_list, if_list) {
if (ifa->flags & (IFA_F_TENTATIVE | IFA_F_DEPRECATED))
continue;
@@ -401,6 +402,8 @@ tproxy_laddr6(struct sk_buff *skb, const struct in6_addr *user_laddr,
laddr = &ifa->addr;
break;
}
+ read_unlock_bh(&indev->lock);
+ }
rcu_read_unlock();
return laddr ? laddr : daddr;
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-09 04:31:51 +0000