hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

netfilter: nf_tables: atomic allocation in set notifications from rcu callback 

Use GFP_ATOMIC allocations when sending removal notifications of
anonymous sets from rcu callback context. Sleeping in that context
is illegal.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2014-05-29 10:29:58 +02:00
parent 4fefee570d
commit 31f8441c32
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
net/netfilter/nf_tables_api.c
View File

@ -2191,7 +2191,7 @@ nla_put_failure:
static int nf_tables_set_notify(const struct nft_ctx *ctx, static int nf_tables_set_notify(const struct nft_ctx *ctx,
const struct nft_set *set, const struct nft_set *set,
int event) int event, gfp_t gfp_flags)
{ {
struct sk_buff *skb; struct sk_buff *skb;
u32 portid = ctx->portid; u32 portid = ctx->portid;
@ -2202,7 +2202,7 @@ static int nf_tables_set_notify(const struct nft_ctx *ctx,
return 0; return 0;
err = -ENOBUFS; err = -ENOBUFS;
skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); skb = nlmsg_new(NLMSG_GOODSIZE, gfp_flags);
if (skb == NULL) if (skb == NULL)
goto err; goto err;
@ -2213,7 +2213,7 @@ static int nf_tables_set_notify(const struct nft_ctx *ctx,
} }
err = nfnetlink_send(skb, ctx->net, portid, NFNLGRP_NFTABLES, err = nfnetlink_send(skb, ctx->net, portid, NFNLGRP_NFTABLES,
ctx->report, GFP_KERNEL); ctx->report, gfp_flags);
err: err:
if (err < 0) if (err < 0)
nfnetlink_set_err(ctx->net, portid, NFNLGRP_NFTABLES, err); nfnetlink_set_err(ctx->net, portid, NFNLGRP_NFTABLES, err);
@ -2613,7 +2613,7 @@ static void nft_set_destroy(struct nft_set *set)
static void nf_tables_set_destroy(const struct nft_ctx *ctx, struct nft_set *set) static void nf_tables_set_destroy(const struct nft_ctx *ctx, struct nft_set *set)
{ {
list_del(&set->list); list_del(&set->list);
nf_tables_set_notify(ctx, set, NFT_MSG_DELSET); nf_tables_set_notify(ctx, set, NFT_MSG_DELSET, GFP_ATOMIC);
nft_set_destroy(set); nft_set_destroy(set);
} }
@ -3409,12 +3409,12 @@ static int nf_tables_commit(struct sk_buff *skb)
trans->ctx.table->use--; trans->ctx.table->use--;
nf_tables_set_notify(&trans->ctx, nft_trans_set(trans), nf_tables_set_notify(&trans->ctx, nft_trans_set(trans),
NFT_MSG_NEWSET); NFT_MSG_NEWSET, GFP_KERNEL);
nft_trans_destroy(trans); nft_trans_destroy(trans);
break; break;
case NFT_MSG_DELSET: case NFT_MSG_DELSET:
nf_tables_set_notify(&trans->ctx, nft_trans_set(trans), nf_tables_set_notify(&trans->ctx, nft_trans_set(trans),
NFT_MSG_DELSET); NFT_MSG_DELSET, GFP_KERNEL);
break; break;
case NFT_MSG_NEWSETELEM: case NFT_MSG_NEWSETELEM:
nf_tables_setelem_notify(&trans->ctx, nf_tables_setelem_notify(&trans->ctx,