Pavel Emelyanov
2011-Feb-04 15:58 UTC
[Bridge] [PATCH] bridge: Don't put partly initialized fdb into hash
The fdb_create() puts a new fdb into hash with only addr set. This is not good, since there are callers that search the hash without the lock and access all its other fields.

Applies to current netdev tree.

Signed-off-by: Pavel Emelyanov <xemul at openvz.org>
---
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 2872393..88485cc 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -328,12 +328,12 @@ static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); if (fdb) { memcpy(fdb->addr.addr, addr, ETH_ALEN); - hlist_add_head_rcu(&fdb->hlist, head); - fdb->dst = source; fdb->is_local = is_local; fdb->is_static = is_local; fdb->ageing_timer = jiffies; + + hlist_add_head_rcu(&fdb->hlist, head); } return fdb; }
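Review bot: The fix is correct only because hlist_add_head_rcu() publishes the entry through rcu_assign_pointer(), whose release barrier orders the preceding stores to fdb->dst, is_local, is_static and ageing_timer before the node becomes reachable to lockless readers; a short comment above the moved `hlist_add_head_rcu(&fdb->hlist, head);` saying that it must stay the last step would keep a future edit from sliding another field initialization below it and reintroducing the window. The changelog says there are callers that search the hash without the lock but does not name them; listing the RCU read-side paths that were seeing the half-initialized entry would make the race easier to verify and to test.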
David Miller
2011-Feb-04 21:02 UTC
[Bridge] [PATCH] bridge: Don't put partly initialized fdb into hash
From: Pavel Emelyanov <xemul at parallels.com>
Date: Fri, 04 Feb 2011 18:58:08 +0300

> The fdb_create() puts a new fdb into hash with only addr set. This is
> not good, since there are callers, that search the hash w/o the lock
> and access all the other its fields.
>
> Applies to current netdev tree.
>
> Signed-off-by: Pavel Emelyanov <xemul at openvz.org>

Whoa, good catch. Applied, thanks!