The commit is pushed to "branch-rh9-5.14.0-362.8.1.vz9.35.x-ovz" and will
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-362.8.1.vz9.35.7
------>
commit 71ce14d3e16266e57165e4efa580b49cf590de73
Author: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Date: Tue Jan 23 11:16:19 2024 +0800
ms/netfilter: nf_queue: remove excess nf_bridge variable
We don't really need nf_bridge variable here. And nf_bridge_info_exists
is better replacement for nf_bridge_info_get in case we are only
checking for existence.
Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Reviewed-by: Simon Horman <ho...@kernel.org>
Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
(cherry picked from commit aeaa44075f8e49e2e0ad4507d925e690b7950145)
https://virtuozzo.atlassian.net/browse/PSBM-153269
Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
======
Patchset description:
netlink: bridge: fix nf_bridge->physindev use after free
This is a backport of mainstream version of the fix to vz9:
https://lore.kernel.org/netdev/20240111150645.85637-1-ptikhomi...@virtuozzo.com/
https://virtuozzo.atlassian.net/browse/PSBM-153269
Feature: fix ms/net
---
net/netfilter/nf_queue.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index d7542c5c4ae6..0077354d3258 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -82,10 +82,8 @@ static void __nf_queue_entry_init_physdevs(struct
nf_queue_entry *entry)
{
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
const struct sk_buff *skb = entry->skb;
- struct nf_bridge_info *nf_bridge;
- nf_bridge = nf_bridge_info_get(skb);
- if (nf_bridge) {
+ if (nf_bridge_info_exists(skb)) {
entry->physin = nf_bridge_get_physindev(skb);
entry->physout = nf_bridge_get_physoutdev(skb);
} else {
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
