netfilter: nft_set_hash: fix get operation on big endian

tests/shell/testcases/packetpath/set_match_nomatch_hash_fast
fails on big endian with:

Error: Could not process rule: No such file or directory
reset element ip test s { 244.147.90.126 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Fatal: Cannot fetch element "244.147.90.126"

... because the wrong bucket is searched, jhash() and jhash1_word are
not interchangeable on big endian.

Fixes: 3b02b0adc242 ("netfilter: nft_set_hash: fix lookups with fixed size hash on big endian")
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c
index ba01ce75d6dea96771b1c885443db5268a430ba9..739b992bde591e59dfaf48037259b776936283e8 100644 (file)
--- a/net/netfilter/nft_set_hash.c
+++ b/net/netfilter/nft_set_hash.c
@@ -619,15 +619,20 @@ static struct nft_elem_priv *
 nft_hash_get(const struct net *net, const struct nft_set *set,
             const struct nft_set_elem *elem, unsigned int flags)
 {
+       const u32 *key = (const u32 *)&elem->key.val;
        struct nft_hash *priv = nft_set_priv(set);
        u8 genmask = nft_genmask_cur(net);
        struct nft_hash_elem *he;
        u32 hash;
 
-       hash = jhash(elem->key.val.data, set->klen, priv->seed);
+       if (set->klen == 4)
+               hash = jhash_1word(*key, priv->seed);
+       else
+               hash = jhash(key, set->klen, priv->seed);
+
        hash = reciprocal_scale(hash, priv->buckets);
        hlist_for_each_entry_rcu(he, &priv->table[hash], node) {
-               if (!memcmp(nft_set_ext_key(&he->ext), elem->key.val.data, set->klen) &&
+               if (!memcmp(nft_set_ext_key(&he->ext), key, set->klen) &&
                    nft_set_elem_active(&he->ext, genmask))
                        return &he->priv;
        }