From patchwork Sat Sep 8 17:50:27 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick McHardy X-Patchwork-Id: 182588 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 384372C008F for ; Sun, 9 Sep 2012 03:50:33 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754043Ab2IHRub (ORCPT ); Sat, 8 Sep 2012 13:50:31 -0400 Received: from stinky.trash.net ([213.144.137.162]:36530 "EHLO stinky.trash.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754002Ab2IHRua (ORCPT ); Sat, 8 Sep 2012 13:50:30 -0400 Received: from localhost (localhost [127.0.0.1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by stinky.trash.net (Postfix) with ESMTPS id 1C74AB2C40; Sat, 8 Sep 2012 19:50:28 +0200 (MEST) Date: Sat, 8 Sep 2012 19:50:27 +0200 (MEST) From: Patrick McHardy To: Eric Dumazet cc: Cong Wang , Pablo Neira Ayuso , netfilter-devel@vger.kernel.org, Linux Kernel Network Developers Subject: Re: [PATCH net-next] netfilter: x_tables: xt_init() should run earlier In-Reply-To: <1346863073.13121.155.camel@edumazet-glaptop> Message-ID: References: <1346860506.13121.148.camel@edumazet-glaptop> <1346861569.13121.149.camel@edumazet-glaptop> <1346863073.13121.155.camel@edumazet-glaptop> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Wed, 5 Sep 2012, Eric Dumazet wrote: > From: Eric Dumazet > > Cong Wang reported a NULL dereference in xt_register_target() > > It turns out xt_nat_init() was called before xt_init(), so xt array > was not yet setup. > > xt_init() should be marked core_initcall() to solve this problem. > > Reported-by: Cong Wang > Signed-off-by: Eric Dumazet > --- > net/netfilter/x_tables.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c > index 8d987c3..afcea11 100644 > --- a/net/netfilter/x_tables.c > +++ b/net/netfilter/x_tables.c > @@ -1390,6 +1390,6 @@ static void __exit xt_fini(void) > kfree(xt); > } > > -module_init(xt_init); > +core_initcall(xt_init); > module_exit(xt_fini); Shouldn't we simply change the Makefile order? commit ecc4508e476e4325e747dad5d86c03248ed16271 Author: Patrick McHardy Date: Sat Sep 8 19:45:12 2012 +0200 netfilter: fix xt_nat link order Cong Wang reported a NULL dereference in xt_register_target() It turns out xt_nat_init() was called before xt_init(), so xt array was not yet setup. Move xt_nat down in the Makefile to avoid initialization before x_tables is initialized. Based on patch from Eric Dumazet. Reported-by: Cong Wang Signed-off-by: Patrick McHardy diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile index 98244d4..6ad6616 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -47,7 +47,6 @@ nf_nat-y := nf_nat_core.o nf_nat_proto_unknown.o nf_nat_proto_common.o \ nf_nat_proto_udp.o nf_nat_proto_tcp.o nf_nat_helper.o obj-$(CONFIG_NF_NAT) += nf_nat.o -obj-$(CONFIG_NF_NAT) += xt_nat.o # NAT protocols (nf_nat) obj-$(CONFIG_NF_NAT_PROTO_DCCP) += nf_nat_proto_dccp.o @@ -93,6 +92,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP) += xt_TCPOPTSTRIP.o obj-$(CONFIG_NETFILTER_XT_TARGET_TEE) += xt_TEE.o obj-$(CONFIG_NETFILTER_XT_TARGET_TRACE) += xt_TRACE.o obj-$(CONFIG_NETFILTER_XT_TARGET_IDLETIMER) += xt_IDLETIMER.o +obj-$(CONFIG_NF_NAT) += xt_nat.o # matches obj-$(CONFIG_NETFILTER_XT_MATCH_ADDRTYPE) += xt_addrtype.o