Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2482509imm; Thu, 7 Jun 2018 11:20:11 -0700 (PDT) X-Google-Smtp-Source: ADUXVKL917U+SxsVhF2odOezDH5YjUDTfVpy40/VusHpMtP5L46nVwYjSOZ41+vZwv37sk1Uti3j X-Received: by 2002:a17:902:aa01:: with SMTP id be1-v6mr3064658plb.296.1528395611670; Thu, 07 Jun 2018 11:20:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528395611; cv=none; d=google.com; s=arc-20160816; b=0YXpwlmU60QNzRPwbsN9HWdK2ZmlXMo2b5UUDkQZfXLPEcR8PiB+4pV6xFBZkWudBk fnThA9b238+jjsOMwkE1L+ZBhN/JRI4eBpP4IPiwm23I6fQ/Y3ddlzzQ6oPJrwd/Sw0I mGE8AtdxzEi6Gn5fGKwuRUR/KqTrHEgpQ6/Cd1RajzWr7QKCJTWPU7/EdqgPWedAp+2+ Fm1w2VkZlJEsH5meB8OjUryZe4b7r0JLUbYdjJwg38EbiNc6apnY4kYIgXcIBux0kjAg oO/k7c5rZVsF2k8ZuW6/6Oeqp+0vjQ2a9iomx47Jky7kQ66jT0b3fkywclb1l1zon+9C aJVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:subject:message-id:date:cc:to :from:mime-version:content-transfer-encoding:content-disposition :arc-authentication-results; bh=b3n1NeOsCMckPs1IarAPg6uPFCPWoxDQynp5Wn14ag4=; b=dCJeY/3aiXuIh/n4bg+ugJlz2U3LPQk1Yt2/aay34MmUafymsn2bHeT3IgblgC4XcC zsdNt2dOBh9gbZpqV/QKYUBF0+zU7CVnSgHiF2NDkqggokLuGvIjg86uQzihftrMyGOZ m1tkK0HTkTOkC+HN54A460ME8cSiinKUqQjitob1tb1w/iQcpnBwqM7zvYygKA1OTOz9 YHBxPPcoWjBcGoTSeB34IpUKzDN5iWUE9/uLvs+ZLvRpj6GQr0aVGlU1c6UbMsHIjYgb UQqNHq59+vkcckQbpc/YFvGnpMzyrqBuhlzTfhUWABAqOLcbFtPp45Hrm3H9QHr3BmiU rkCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q86-v6si21518816pfg.298.2018.06.07.11.19.57; Thu, 07 Jun 2018 11:20:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S964861AbeFGPBy (ORCPT + 99 others); Thu, 7 Jun 2018 11:01:54 -0400 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:41416 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S964847AbeFGPBw (ORCPT ); Thu, 7 Jun 2018 11:01:52 -0400 Received: from [148.252.241.226] (helo=deadeye) by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1fQvbh-0005hO-74; Thu, 07 Jun 2018 15:09:41 +0100 Received: from ben by deadeye with local (Exim 4.91) (envelope-from ) id 1fQvb5-0002zE-OR; Thu, 07 Jun 2018 15:09:03 +0100 Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit MIME-Version: 1.0 From: Ben Hutchings To: linux-kernel@vger.kernel.org, stable@vger.kernel.org CC: akpm@linux-foundation.org, "Eric Dumazet" , "" , "Cong Wang" , "Pablo Neira Ayuso" , "Florian Westphal" Date: Thu, 07 Jun 2018 15:05:21 +0100 Message-ID: X-Mailer: LinuxStableQueue (scripts by bwh) Subject: [PATCH 3.16 197/410] netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert In-Reply-To: X-SA-Exim-Connect-IP: 148.252.241.226 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 3.16.57-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Cong Wang commit 7dc68e98757a8eccf8ca7a53a29b896f1eef1f76 upstream. rateest_hash is supposed to be protected by xt_rateest_mutex, and, as suggested by Eric, lookup and insert should be atomic, so we should acquire the xt_rateest_mutex once for both. So introduce a non-locking helper for internal use and keep the locking one for external. Reported-by: Fixes: 5859034d7eb8 ("[NETFILTER]: x_tables: add RATEEST target") Signed-off-by: Cong Wang Reviewed-by: Florian Westphal Reviewed-by: Eric Dumazet Signed-off-by: Pablo Neira Ayuso [bwh: Backported to 3.16: adjust context] Signed-off-by: Ben Hutchings --- net/netfilter/xt_RATEEST.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) --- a/net/netfilter/xt_RATEEST.c +++ b/net/netfilter/xt_RATEEST.c @@ -40,23 +40,31 @@ static void xt_rateest_hash_insert(struc hlist_add_head(&est->list, &rateest_hash[h]); } -struct xt_rateest *xt_rateest_lookup(const char *name) +static struct xt_rateest *__xt_rateest_lookup(const char *name) { struct xt_rateest *est; unsigned int h; h = xt_rateest_hash(name); - mutex_lock(&xt_rateest_mutex); hlist_for_each_entry(est, &rateest_hash[h], list) { if (strcmp(est->name, name) == 0) { est->refcnt++; - mutex_unlock(&xt_rateest_mutex); return est; } } - mutex_unlock(&xt_rateest_mutex); + return NULL; } + +struct xt_rateest *xt_rateest_lookup(const char *name) +{ + struct xt_rateest *est; + + mutex_lock(&xt_rateest_mutex); + est = __xt_rateest_lookup(name); + mutex_unlock(&xt_rateest_mutex); + return est; +} EXPORT_SYMBOL_GPL(xt_rateest_lookup); void xt_rateest_put(struct xt_rateest *est) @@ -104,8 +112,10 @@ static int xt_rateest_tg_checkentry(cons rnd_inited = true; } - est = xt_rateest_lookup(info->name); + mutex_lock(&xt_rateest_mutex); + est = __xt_rateest_lookup(info->name); if (est) { + mutex_unlock(&xt_rateest_mutex); /* * If estimator parameters are specified, they must match the * existing estimator. @@ -143,11 +153,13 @@ static int xt_rateest_tg_checkentry(cons info->est = est; xt_rateest_hash_insert(est); + mutex_unlock(&xt_rateest_mutex); return 0; err2: kfree(est); err1: + mutex_unlock(&xt_rateest_mutex); return ret; }