From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752561AbcGYH1M (ORCPT <rfc822;w@1wt.eu>);
	Mon, 25 Jul 2016 03:27:12 -0400
Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:53794 "EHLO
	Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1751127AbcGYH1K (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 25 Jul 2016 03:27:10 -0400
Date: Mon, 25 Jul 2016 09:27:06 +0200
From: Florian Westphal <fw@strlen.de>
To: Michal Kubecek <mkubecek@suse.cz>
Cc: Florian Westphal <fw@strlen.de>, Jiri Slaby <jslaby@suse.cz>,
        Greg KH <greg@kroah.com>, Jiri Slaby <jirislaby@gmail.com>,
        stable@vger.kernel.org, linux-kernel@vger.kernel.org,
        Pablo Neira Ayuso <pablo@netfilter.org>
Subject: Re: [PATCH 3.12 28/88] netfilter: x_tables: validate targets of jumps
Message-ID: <20160725072706.GC15307@breakpoint.cc>
References: <3d4036cb9b963cdd270c02856a888183da0623db.1468483951.git.jslaby@suse.cz>
 <20160725054525.GA8749@unicorn.suse.cz>
 <20160725064122.GB15307@breakpoint.cc>
 <1832770.sPqPiaF7Fe@alaris>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1832770.sPqPiaF7Fe@alaris>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Michal Kubecek <mkubecek@suse.cz> wrote:
> > What lock are you talking about?
> > 
> > The table lock is aquired after the sanity/translation pass.
> 
> I meant xt_compat_lock(AF_INET) (or AF_INET6 or NFPROTO_ARP) which is 
> held for almost all of translate_compat_table().

Ah, true.  Fortunately most installations won't use this.