• Dmytro Linkin's avatar
    net: sched: use temporary variable for actions indexes · 7be8ef2c
    Dmytro Linkin authored
    Currently init call of all actions (except ipt) init their 'parm'
    structure as a direct pointer to nla data in skb. This leads to race
    condition when some of the filter actions were initialized successfully
    (and were assigned with idr action index that was written directly
    into nla data), but then were deleted and retried (due to following
    action module missing or classifier-initiated retry), in which case
    action init code tries to insert action to idr with index that was
    assigned on previous iteration. During retry the index can be reused
    by another action that was inserted concurrently, which causes
    unintended action sharing between filters.
    To fix described race condition, save action idr index to temporary
    stack-allocated variable instead on nla data.
    
    Fixes: 0190c1d4 ("net: sched: atomically check-allocate action")
    Signed-off-by: default avatarDmytro Linkin <dmitrolin@mellanox.com>
    Signed-off-by: default avatarVlad Buslov <vladbu@mellanox.com>
    Acked-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    7be8ef2c
act_ct.c 23.6 KB