From mboxrd@z Thu Jan 1 00:00:00 1970 From: Nicholas Krause Subject: [PATCH RESEND] bridge:Fix concurrent access issue in the function brnf_get_logical_dev Date: Mon, 1 Feb 2016 22:19:33 -0500 Message-ID: <1454383173-9560-1-git-send-email-xerofoify@gmail.com> Cc: netdev@vger.kernel.org, bridge@lists.linux-foundation.org, linux-kernel@vger.kernel.org, kaber@trash.net, coreteam@netfilter.org, netfilter-devel@vger.kernel.org, kadlec@blackhole.kfki.hu, davem@davemloft.net To: pablo@netfilter.org Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: bridge-bounces@lists.linux-foundation.org Errors-To: bridge-bounces@lists.linux-foundation.org List-Id: netdev.vger.kernel.org This fixes a concurrent access issue in the function brnf_get_logical_dev by properly locking with the function rcu_read_lock before calling the function vlan_find_dev_deep_rcu and unlocking after this function call as all callers of this function are required to do this in order to improve issues with concurrent access by other threads executing on this data structures simultaneously. Signed-off-by: Nicholas Krause --- net/bridge/br_netfilter_hooks.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index c8b9bcf..73c84a8 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -428,9 +428,10 @@ static struct net_device *brnf_get_logical_dev(struct sk_buff *skb, const struct if (brnf_pass_vlan_indev == 0 || !skb_vlan_tag_present(skb)) return br; + rcu_read_lock(); vlan = __vlan_find_dev_deep_rcu(br, skb->vlan_proto, skb_vlan_tag_get(skb) & VLAN_VID_MASK); - + rcu_read_unlock(); return vlan ? vlan : br; } -- 2.1.4 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id; bh=+E0RS35K1qfhTXzmMf4araoGKCY0lxVoDg4hDmKzBak=; b=r/SwXh/+qmaAMcQOGJsmjBAPil+4F3PoUVpsvID1/Gb+B7PHT/gKNz2i+PX042yNoC eV+q2Z6WGAJ7hiY4siUnYgT2ooO/gtFO+M9LrkKPZzqRS7beEHpTnzKdKwEnUMSr5+AQ 9uH/QNw3m8h5DOXR6CFlAYxzSRFj6sNQq3I6OnQMYgn+s9kcKS1EcCu+6CyUwTQvvc61 46r0HWvxD9iX0trabAq78m1CsQRYz698lDH1u1fwHXDlyeyMmBuFDZlpbMb76Wb/ico+ tlUAUWCBn/tlaITSaqasGxulynY/aRuW7+f8aSKMLzBiftX2szqkvMeXPeITn4092MQ+ RSjQ== From: Nicholas Krause Date: Mon, 1 Feb 2016 22:19:33 -0500 Message-Id: <1454383173-9560-1-git-send-email-xerofoify@gmail.com> Subject: [Bridge] [PATCH RESEND] bridge:Fix concurrent access issue in the function brnf_get_logical_dev List-Id: Linux Ethernet Bridging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: pablo@netfilter.org Cc: netdev@vger.kernel.org, bridge@lists.linux-foundation.org, linux-kernel@vger.kernel.org, kaber@trash.net, coreteam@netfilter.org, netfilter-devel@vger.kernel.org, kadlec@blackhole.kfki.hu, davem@davemloft.net This fixes a concurrent access issue in the function brnf_get_logical_dev by properly locking with the function rcu_read_lock before calling the function vlan_find_dev_deep_rcu and unlocking after this function call as all callers of this function are required to do this in order to improve issues with concurrent access by other threads executing on this data structures simultaneously. Signed-off-by: Nicholas Krause --- net/bridge/br_netfilter_hooks.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index c8b9bcf..73c84a8 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -428,9 +428,10 @@ static struct net_device *brnf_get_logical_dev(struct sk_buff *skb, const struct if (brnf_pass_vlan_indev == 0 || !skb_vlan_tag_present(skb)) return br; + rcu_read_lock(); vlan = __vlan_find_dev_deep_rcu(br, skb->vlan_proto, skb_vlan_tag_get(skb) & VLAN_VID_MASK); - + rcu_read_unlock(); return vlan ? vlan : br; } -- 2.1.4