Re: [PATCH nf 2/2] netfilter: xt_TEE: add missing code to get interface index in checkentry.

On Sun, Oct 07, 2018 at 12:09:32AM +0900, Taehee Yoo wrote:
> checkentry(tee_tg_check) should initialize priv->oif from dev if possible.
> But only netdevice notifier handler can set that.
> Hence priv->oif is always -1 until notifier handler is called.
> 
> Fixes: 22265a5c3c10 ("netfilter: xt_TEE: resolve oif using netdevice notifiers")

I think this should be:

Fixes: 9e2f6c5d78db ("netfilter: Rework xt_TEE netdevice notifier")

since this one deleted the register_netdevice_notifier() call that was
setting the output interface index.

> Signed-off-by: Taehee Yoo <ap420073@xxxxxxxxx>
> ---
>  net/netfilter/xt_TEE.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/net/netfilter/xt_TEE.c b/net/netfilter/xt_TEE.c
> index 673ad2099f97..1dae02a97ee3 100644
> --- a/net/netfilter/xt_TEE.c
> +++ b/net/netfilter/xt_TEE.c
> @@ -104,6 +104,8 @@ static int tee_tg_check(const struct xt_tgchk_param *par)
>  		return -EINVAL;
>  
>  	if (info->oif[0]) {
> +		struct net_device *dev;
> +
>  		if (info->oif[sizeof(info->oif)-1] != '\0')
>  			return -EINVAL;
>  
> @@ -115,6 +117,11 @@ static int tee_tg_check(const struct xt_tgchk_param *par)
>  		priv->oif     = -1;
>  		info->priv    = priv;
>  
> +		dev = dev_get_by_name(par->net, info->oif);
> +		if (dev) {
> +			priv->oif = dev->ifindex;
> +			dev_put(dev);
> +		}
>  		mutex_lock(&tn->lock);
>  		list_add(&priv->list, &tn->priv_list);
>  		mutex_unlock(&tn->lock);
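
Review bot: In the second hunk, dev_get_by_name() resolves priv->oif before priv is added to tn->priv_list under tn->lock, so a rename or unregister of that device between dev_put(dev) and list_add() would leave a stale ifindex that the notifier handler cannot correct, assuming the handler finds entries by walking tn->priv_list (not visible in this hunk). Consider doing the lookup after mutex_lock(&tn->lock), or explain in the commit message why the window is harmless. As a style point, a blank line between the closing brace of the if (dev) block and mutex_lock() would match the spacing of the surrounding code.
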
> -- 
> 2.17.1
> 


