netfilter: nf_tables: don't assume chain stats are set when jumplabel is set
nft_chain_stats_replace() and all other spots assume ->stats can be NULL, but nft_update_chain_stats does not. It must do this check, just because the jump label is set doesn't mean all basechains have stats assigned. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal
Pablo Neira Ayuso
Родитель
a44f6d82a4
Коммит
009240940e
|
|
@ -119,15 +119,22 @@ DEFINE_STATIC_KEY_FALSE(nft_counters_enabled);
|
||||||
static noinline void nft_update_chain_stats(const struct nft_chain *chain,
|
static noinline void nft_update_chain_stats(const struct nft_chain *chain,
|
||||||
const struct nft_pktinfo *pkt)
|
const struct nft_pktinfo *pkt)
|
||||||
{
|
{
|
||||||
|
struct nft_base_chain *base_chain;
|
||||||
struct nft_stats *stats;
|
struct nft_stats *stats;
|
||||||
|
|
||||||
local_bh_disable();
|
base_chain = nft_base_chain(chain);
|
||||||
stats = this_cpu_ptr(rcu_dereference(nft_base_chain(chain)->stats));
|
if (!base_chain->stats)
|
||||||
u64_stats_update_begin(&stats->syncp);
|
return;
|
||||||
stats->pkts++;
|
|
||||||
stats->bytes += pkt->skb->len;
|
stats = this_cpu_ptr(rcu_dereference(base_chain->stats));
|
||||||
u64_stats_update_end(&stats->syncp);
|
if (stats) {
|
||||||
local_bh_enable();
|
local_bh_disable();
|
||||||
|
u64_stats_update_begin(&stats->syncp);
|
||||||
|
stats->pkts++;
|
||||||
|
stats->bytes += pkt->skb->len;
|
||||||
|
u64_stats_update_end(&stats->syncp);
|
||||||
|
local_bh_enable();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
struct nft_jumpstack {
|
struct nft_jumpstack {
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче