From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CA83E11CAB for ; Mon, 26 Jun 2023 18:45:11 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id DDEA8C433C8; Mon, 26 Jun 2023 18:45:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1687805111; bh=xx1kqnwRUMOCGElY5ot1Rv6y5BbTqyCpHmkjn+0PJlY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=o2zfDKuOkTVv0zrUBVspQx7jqGvkS8BcShFT7lPKBIfeRI/QDuqneSdcZ7AYgEFoO hxufyWzhAyD3AAV5ficLeMeHd+fYuqLyaNPGgzuOzlrrJd9RpOVVg6qVafZdNrEKLS 6XYpL310CnPWmajIyFbwf7hVLQ0C9a+Bz9gbCwXQ= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Pablo Neira Ayuso , Sasha Levin Subject: [PATCH 5.10 53/81] netfilter: nft_set_pipapo: .walk does not deal with generations Date: Mon, 26 Jun 2023 20:12:35 +0200 Message-ID: <20230626180746.626790496@linuxfoundation.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230626180744.453069285@linuxfoundation.org> References: <20230626180744.453069285@linuxfoundation.org> User-Agent: quilt/0.67 Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Pablo Neira Ayuso [ Upstream commit 2b84e215f87443c74ac0aa7f76bb172d43a87033 ] The .walk callback iterates over the current active set, but it might be useful to iterate over the next generation set. Use the generation mask to determine what set view (either current or next generation) is use for the walk iteration. Fixes: 3c4287f62044 ("nf_tables: Add set type for arbitrary concatenation of ranges") Signed-off-by: Pablo Neira Ayuso Signed-off-by: Sasha Levin --- net/netfilter/nft_set_pipapo.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_set_pipapo.c b/net/netfilter/nft_set_pipapo.c index 30cf0673d6c19..eb5934eb3adfc 100644 --- a/net/netfilter/nft_set_pipapo.c +++ b/net/netfilter/nft_set_pipapo.c @@ -1949,12 +1949,16 @@ static void nft_pipapo_walk(const struct nft_ctx *ctx, struct nft_set *set, struct nft_set_iter *iter) { struct nft_pipapo *priv = nft_set_priv(set); + struct net *net = read_pnet(&set->net); struct nft_pipapo_match *m; struct nft_pipapo_field *f; int i, r; rcu_read_lock(); - m = rcu_dereference(priv->match); + if (iter->genmask == nft_genmask_cur(net)) + m = rcu_dereference(priv->match); + else + m = priv->clone; if (unlikely(!m)) goto out; -- 2.39.2