git.osdn.net Git - sagit-ice-cold/kernel_xiaomi

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 29 Apr 2016 08:39:34 +0000 (10:39 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 31 Jan 2018 11:06:10 +0000 (12:06 +0100)
commit	936b21419e7c5be2f81e6dea02fc3d8852f3fb83
tree	77d406ee6180cc3c6d038a3c0beab993e57073ed	tree \| snapshot
parent	f4ca7cba8ffa94c43913ed322c7d35ab3d6d1e38	commit \| diff

netfilter: fix IS_ERR_VALUE usage

commit 92b4423e3a0bc5d43ecde4bcad871f8b5ba04efd upstream.

This is a forward-port of the original patch from Andrzej Hajda,
he said:

"IS_ERR_VALUE should be used only with unsigned long type.
Otherwise it can work incorrectly. To achieve this function
xt_percpu_counter_alloc is modified to return unsigned long,
and its result is assigned to temporary variable to perform
error checking, before assigning to .pcnt field.

The patch follows conclusion from discussion on LKML [1][2].

[1]: http://permalink.gmane.org/gmane.linux.kernel/2120927
[2]: http://permalink.gmane.org/gmane.linux.kernel/2150581"

Original patch from Andrzej is here:

http://patchwork.ozlabs.org/patch/582970/

This patch has clashed with input validation fixes for x_tables.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Acked-by: Michal Kubecek <mkubecek@suse.cz>

include/linux/netfilter/x_tables.h		diff \| blob \| history
net/ipv4/netfilter/arp_tables.c		diff \| blob \| history
net/ipv4/netfilter/ip_tables.c		diff \| blob \| history
net/ipv6/netfilter/ip6_tables.c		diff \| blob \| history