netfilter: refcounter conversions

refcount_t type and corresponding API (see include/linux/refcount.h) should be used instead of atomic_t when the variable is used as a reference counter. This allows to avoid accidental refcounter overflows that might lead to use-after-free situations. Signed-off-by: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: David Windsor <dwindsor@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Reshetova, Elena <elena.reshetova@intel.com> 2017-03-16 10:03:34 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-03-17 12:49:43 +0100
commit: b54ab92b84b6161f91b1ad9160199422b3699009 (patch)
tree: f51f7300565a7d11414da624a9e65afa21e84221 /net/netfilter/ipvs/ip_vs_proto_tcp.c
parent: 3c679cba588a46ba81a264673e192bbd3c92455b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/ipvs/ip_vs_proto_tcp.c b/net/netfilter/ipvs/ip_vs_proto_tcp.c
index 5117bcb7d2f0..12dc8d5bc37d 100644
--- a/net/netfilter/ipvs/ip_vs_proto_tcp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_tcp.c
@@ -557,7 +557,7 @@ set_tcp_state(struct ip_vs_proto_data *pd, struct ip_vs_conn *cp,
 			      ntohs(cp->cport),
 			      tcp_state_name(cp->state),
 			      tcp_state_name(new_state),
-			      atomic_read(&cp->refcnt));
+			      refcount_read(&cp->refcnt));
 
 		if (dest) {
 			if (!(cp->flags & IP_VS_CONN_F_INACTIVE) &&
author	Reshetova, Elena <elena.reshetova@intel.com>	2017-03-16 10:03:34 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-03-17 12:49:43 +0100
commit	b54ab92b84b6161f91b1ad9160199422b3699009 (patch)
tree	f51f7300565a7d11414da624a9e65afa21e84221 /net/netfilter/ipvs/ip_vs_proto_tcp.c
parent	3c679cba588a46ba81a264673e192bbd3c92455b (diff)