diff options
| author | Greg Kroah-Hartman <gregkh@google.com> | 2017-08-29 14:51:49 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@google.com> | 2017-08-29 14:51:49 +0200 |
| commit | 5731c30334900957a351c39af33f1059e02fc1dd (patch) | |
| tree | 96bdda559c89f13a331daa52cdbd45cd435cb1ca /net | |
| parent | bf7ef8f2d57cd1f5f1846dd58ff9309efad58252 (diff) | |
| parent | 4b904b22bc906d5867933b8132ae4d7f31d7645d (diff) | |
Merge 4.9.45 into android-4.9
Changes in 4.9.45
netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
audit: Fix use after free in audit_remove_watch_rule()
parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
crypto: ixp4xx - Fix error handling path in 'aead_perform()'
crypto: x86/sha1 - Fix reads beyond the number of blocks passed
Input: elan_i2c - add ELAN0608 to the ACPI table
Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
ALSA: seq: 2nd attempt at fixing race creating a queue
ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
mm: discard memblock data later
mm: fix double mmap_sem unlock on MMF_UNSTABLE enforced SIGBUS
mm/mempolicy: fix use after free when calling get_mempolicy
mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
xen: fix bio vec merging
blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL
powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
xen-blkfront: use a right index when checking requests
x86/asm/64: Clear AC on NMI entries
irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
genirq: Restore trigger settings in irq_modify_status()
genirq/ipi: Fixup checks against nr_cpu_ids
Sanitize 'move_pages()' permission checks
pids: make task_tgid_nr_ns() safe
usb: optimize acpi companion search for usb port devices
usb: qmi_wwan: add D-Link DWM-222 device ID
Linux 4.9.45
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nf_conntrack_extend.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c index 02bcf00c2492..008299b7f78f 100644 --- a/net/netfilter/nf_conntrack_extend.c +++ b/net/netfilter/nf_conntrack_extend.c @@ -53,7 +53,11 @@ nf_ct_ext_create(struct nf_ct_ext **ext, enum nf_ct_ext_id id, rcu_read_lock(); t = rcu_dereference(nf_ct_ext_types[id]); - BUG_ON(t == NULL); + if (!t) { + rcu_read_unlock(); + return NULL; + } + off = ALIGN(sizeof(struct nf_ct_ext), t->align); len = off + t->len + var_alloc_len; alloc_size = t->alloc_size + var_alloc_len; @@ -88,7 +92,10 @@ void *__nf_ct_ext_add_length(struct nf_conn *ct, enum nf_ct_ext_id id, rcu_read_lock(); t = rcu_dereference(nf_ct_ext_types[id]); - BUG_ON(t == NULL); + if (!t) { + rcu_read_unlock(); + return NULL; + } newoff = ALIGN(old->len, t->align); newlen = newoff + t->len + var_alloc_len; @@ -175,6 +182,6 @@ void nf_ct_extend_unregister(struct nf_ct_ext_type *type) RCU_INIT_POINTER(nf_ct_ext_types[type->id], NULL); update_alloc_size(type); mutex_unlock(&nf_ct_ext_type_mutex); - rcu_barrier(); /* Wait for completion of call_rcu()'s */ + synchronize_rcu(); } EXPORT_SYMBOL_GPL(nf_ct_extend_unregister); |