diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-08-04 02:27:19 +0300 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-08-06 18:07:40 +0300 |
| commit | 3d9bbaf6c5416bfc50f014ce5879c8c440aaa511 (patch) | |
| tree | d801c15f0a46047b230a9c0823e6c17b7d7ff6d7 | |
| parent | a6e57c4af12bbacf927d7321c3aa894948653688 (diff) | |
| download | linux-3d9bbaf6c5416bfc50f014ce5879c8c440aaa511.tar.xz | |
netfilter: nfnetlink_hook: use the sequence number of the request message
The sequence number allows to correlate the netlink reply message (as
part of the dump) with the original request message.
The cb->seq field is internally used to detect an interference (update)
of the hook list during the netlink dump, do not use it as sequence
number in the netlink dump header.
Fixes: e2cf17d3774c ("netfilter: add new hook nfnl subsystem")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | net/netfilter/nfnetlink_hook.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nfnetlink_hook.c b/net/netfilter/nfnetlink_hook.c index e0ff2973fd14..7b0d4a317457 100644 --- a/net/netfilter/nfnetlink_hook.c +++ b/net/netfilter/nfnetlink_hook.c @@ -264,7 +264,8 @@ static int nfnl_hook_dump(struct sk_buff *nlskb, ops = nf_hook_entries_get_hook_ops(e); for (; i < e->num_hook_entries; i++) { - err = nfnl_hook_dump_one(nlskb, ctx, ops[i], cb->seq); + err = nfnl_hook_dump_one(nlskb, ctx, ops[i], + cb->nlh->nlmsg_seq); if (err) break; } |