Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 887464a4 authored by Alexey Dobriyan's avatar Alexey Dobriyan Committed by David S. Miller
Browse files

netfilter: nf_conntrack_gre: more locking around keymap list 



gre_keymap_list should be protected in all places.
(unless I'm misreading something)

Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 66bf7918

net/netfilter/nf_conntrack_proto_gre.c

+5 −1
Original line number Diff line number Diff line
@@ -97,10 +97,14 @@ int nf_ct_gre_keymap_add(struct nf_conn *ct, enum ip_conntrack_dir dir, 
	kmp = &help->help.ct_pptp_info.keymap[dir];

	if (*kmp) {

		/* check whether it's a retransmission */

		read_lock_bh(&nf_ct_gre_lock);

		list_for_each_entry(km, &gre_keymap_list, list) {

			if (gre_key_cmpfn(km, t) && km == *kmp)

			if (gre_key_cmpfn(km, t) && km == *kmp) {

				read_unlock_bh(&nf_ct_gre_lock);

				return 0;

			}

		}

		read_unlock_bh(&nf_ct_gre_lock);

		pr_debug("trying to override keymap_%s for ct %p\n",

			 dir == IP_CT_DIR_REPLY ? "reply" : "orig", ct);

		return -EEXIST;