R0dn3yS/android_kernel_xiaomi_sm7250
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f3674eb0fb
android_kernel_xiaomi_sm7250/include/net/tc_act
History
Davide Caratti 2b0e6d6bf0 net/sched: don't dereference a->goto_chain to read the chain index 
[ Upstream commit fe384e2fa36ca084a456fd30558cccc75b4b3fbd ]

callers of tcf_gact_goto_chain_index() can potentially read an old value
of the chain index, or even dereference a NULL 'goto_chain' pointer,
because 'goto_chain' and 'tcfa_action' are read in the traffic path
without caring of concurrent write in the control path. The most recent
value of chain index can be read also from a->tcfa_action (it's encoded
there together with TC_ACT_GOTO_CHAIN bits), so we don't really need to
dereference 'goto_chain': just read the chain id from the control action.

Fixes: e457d86ada ("net: sched: add couple of goto_chain helpers")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin (Microsoft) <sashal@kernel.org>
2019-05-04 09:20:18 +02:00
..
tc_bpf.h
tc_connmark.h
tc_csum.h net/sched: act_csum: fix NULL dereference when 'goto chain' is used 2018-07-07 22:01:08 +09:00
tc_defact.h
tc_gact.h net/sched: don't dereference a->goto_chain to read the chain index 2019-05-04 09:20:18 +02:00
tc_ife.h
tc_ipt.h
tc_mirred.h
tc_nat.h
tc_pedit.h net sched actions: fix coding style in pedit headers 2018-06-28 22:12:03 +09:00
tc_sample.h
tc_skbedit.h net/sched: act_skbedit: don't use spinlock in the data path 2018-07-12 14:54:12 -07:00
tc_skbmod.h
tc_tunnel_key.h net/sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used 2018-07-07 22:01:08 +09:00
tc_vlan.h