[Devel] [PATCH RHEL9 COMMIT] ms/netfilter: nfnetlink_log: use proper helper for fetching physinif

Tue, 23 Jan 2024 11:14:26 -0800 

The commit is pushed to "branch-rh9-5.14.0-362.8.1.vz9.35.x-ovz" and will 
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-362.8.1.vz9.35.7
------>
commit 9663dd170f2553678f3e7974ab75bbbc880de959
Author: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Date:   Tue Jan 23 11:16:18 2024 +0800

    ms/netfilter: nfnetlink_log: use proper helper for fetching physinif
    
    We don't use physindev in __build_packet_message except for getting
    physinif from it. So let's switch to nf_bridge_get_physinif to get what
    we want directly.
    
    Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
    
    Reviewed-by: Simon Horman <ho...@kernel.org>
    Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
    
    (cherry picked from commit c3f9fd54cd87233f53bdf0e191a86b3a5e960e02)
    https://virtuozzo.atlassian.net/browse/PSBM-153269
    Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
    
    ======
    Patchset description:
    netlink: bridge: fix nf_bridge->physindev use after free
    
    This is a backport of mainstream version of the fix to vz9:
    
https://lore.kernel.org/netdev/20240111150645.85637-1-ptikhomi...@virtuozzo.com/
    
    https://virtuozzo.atlassian.net/browse/PSBM-153269
    
    Feature: fix ms/net
---
 net/netfilter/nfnetlink_log.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index d97eb280cb2e..8116beccdc1c 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -499,7 +499,7 @@ __build_packet_message(struct nfnl_log_net *log,
                                         
htonl(br_port_get_rcu(indev)->br->dev->ifindex)))
                                goto nla_put_failure;
                } else {
-                       struct net_device *physindev;
+                       int physinif;
 
                        /* Case 2: indev is bridge group, we need to look for
                         * physical device (when called from ipv4) */
@@ -507,10 +507,10 @@ __build_packet_message(struct nfnl_log_net *log,
                                         htonl(indev->ifindex)))
                                goto nla_put_failure;
 
-                       physindev = nf_bridge_get_physindev(skb);
-                       if (physindev &&
+                       physinif = nf_bridge_get_physinif(skb);
+                       if (physinif &&
                            nla_put_be32(inst->skb, NFULA_IFINDEX_PHYSINDEV,
-                                        htonl(physindev->ifindex)))
+                                        htonl(physinif)))
                                goto nla_put_failure;
                }
 #endif
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Reply via email to