diff options
| author | David S. Miller <davem@davemloft.net> | 2013-10-23 20:55:04 (GMT) |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2013-10-23 20:55:04 (GMT) |
| commit | afb14c7cb66c0401237b181131fd3d6bd4810909 (patch) | |
| tree | e87dec56dd5b20926aa4a35449e1c463d1d2db00 /net/ipv4/netfilter/arp_tables.c | |
| parent | 320437af954cbe66478f1f5e8b34cb5a8d072191 (diff) | |
| parent | b416c144f46af1a30ddfa4e4319a8f077381ad63 (diff) | |
| download | linux-fsl-qoriq-afb14c7cb66c0401237b181131fd3d6bd4810909.tar.xz | |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
The following patchset contains three netfilter fixes for your net
tree, they are:
* A couple of fixes to resolve info leak to userspace due to uninitialized
memory area in ulogd, from Mathias Krause.
* Fix instruction ordering issues that may lead to the access of
uninitialized data in x_tables. The problem involves the table update
(producer) and the main packet matching (consumer) routines. Detected in
SMP ARMv7, from Will Deacon.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/arp_tables.c')
| -rw-r--r-- | net/ipv4/netfilter/arp_tables.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 85a4f21..59da7cd 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -271,6 +271,11 @@ unsigned int arpt_do_table(struct sk_buff *skb, local_bh_disable(); addend = xt_write_recseq_begin(); private = table->private; + /* + * Ensure we load private-> members after we've fetched the base + * pointer. + */ + smp_read_barrier_depends(); table_base = private->entries[smp_processor_id()]; e = get_entry(table_base, private->hook_entry[hook]); |