diff options
| author | David Miller <davem@davemloft.net> | 2017-11-28 15:45:44 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-11-30 09:54:26 -0500 |
| commit | b6ca8bd5a9198c70c48297390723e4e56bd6e879 (patch) | |
| tree | 11d7a2c8f9dcdeb28582721da6fcb0705837db25 /net/netfilter | |
| parent | 45b018beddb631fb9a0ecbc3ba103521b03c4c80 (diff) | |
| download | lwn-b6ca8bd5a9198c70c48297390723e4e56bd6e879.tar.gz lwn-b6ca8bd5a9198c70c48297390723e4e56bd6e879.zip | |
xfrm: Move child route linkage into xfrm_dst.
XFRM bundle child chains look like this:
xdst1 --> xdst2 --> xdst3 --> path_dst
All of xdstN are xfrm_dst objects and xdst->u.dst.xfrm is non-NULL.
The final child pointer in the chain, here called 'path_dst', is some
other kind of route such as an ipv4 or ipv6 one.
The xfrm output path pops routes, one at a time, via the child
pointer, until we hit one which has a dst->xfrm pointer which
is NULL.
We can easily preserve the above mechanisms with child sitting
only in the xfrm_dst structure. All children in the chain
before we break out of the xfrm_output() loop have dst->xfrm
non-NULL and are therefore xfrm_dst objects.
Since we break out of the loop when we find dst->xfrm NULL, we
will not try to dereference 'dst' as if it were an xfrm_dst.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/xt_policy.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c index 2b4ab189bba7..5639fb03bdd9 100644 --- a/net/netfilter/xt_policy.c +++ b/net/netfilter/xt_policy.c @@ -93,7 +93,8 @@ match_policy_out(const struct sk_buff *skb, const struct xt_policy_info *info, if (dst->xfrm == NULL) return -1; - for (i = 0; dst && dst->xfrm; dst = dst->child, i++) { + for (i = 0; dst && dst->xfrm; + dst = ((struct xfrm_dst *)dst)->child, i++) { pos = strict ? i : 0; if (pos >= info->len) return 0; |