summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-06-10 10:53:00 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2014-06-16 13:07:29 +0200
commit5bc5c307653cbf8fe9da6cbd8ae6c6bd5b86ff4b (patch)
tree74d2777a909bbbbe2a94139439643ca1d711a911 /net
parentnetfilter: ctnetlink: fix refcnt leak in dying/unconfirmed list dumper (diff)
downloadlinux-5bc5c307653cbf8fe9da6cbd8ae6c6bd5b86ff4b.tar.xz
linux-5bc5c307653cbf8fe9da6cbd8ae6c6bd5b86ff4b.zip
netfilter: nf_tables: use RCU-safe list insertion when replacing rules
The patch 5e94846 ("netfilter: nf_tables: add insert operation") did not include RCU-safe list insertion when replacing rules. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_tables_api.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 624e083125b9..ba37c10e5139 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1796,7 +1796,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
goto err2;
}
nft_rule_disactivate_next(net, old_rule);
- list_add_tail(&rule->list, &old_rule->list);
+ list_add_tail_rcu(&rule->list, &old_rule->list);
} else {
err = -ENOENT;
goto err2;