]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a675d1c) | patch
netfilter: nft_synproxy: avoid possible data-race on update operation
authorFernando Fernandez Mancera <fmancera@suse.de>
Wed, 17 Dec 2025 20:21:59 +0000 (21:21 +0100)
committerFlorian Westphal <fw@strlen.de>
Thu, 1 Jan 2026 10:31:48 +0000 (11:31 +0100)
commit36a3200575642846a96436d503d46544533bb943
treeea28e1b97cdd60d87ef0bc0bdd6288b4a706afcctree | snapshot
parenta675d1caa2041f05f6343fad67b04f8babf32217commit | diff
netfilter: nft_synproxy: avoid possible data-race on update operation

During nft_synproxy eval we are reading nf_synproxy_info struct which
can be modified on update operation concurrently. As nf_synproxy_info
struct fits in 32 bits, use READ_ONCE/WRITE_ONCE annotations.

Fixes: ee394f96ad75 ("netfilter: nft_synproxy: add synproxy stateful object support")
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
net/netfilter/nft_synproxy.c diff | blob | blame | history
A mirror of Linus' kernel repository