Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: nft_set_hash: fix get operation on big endian
tests/shell/testcases/packetpath/set_match_nomatch_hash_fast
fails on big endian with:
Error: Could not process rule: No such file or directory
reset element ip test s { 244.147.90.126 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Fatal: Cannot fetch element "244.147.90.126"
... because the wrong bucket is searched, jhash() and jhash1_word are
not interchangeable on big endian.
Fixes: 3b02b0adc242 ("netfilter: nft_set_hash: fix lookups with fixed size hash on big endian")
Signed-off-by: Florian Westphal <fw@strlen.de>
+7
-2
+7
-2
net/netfilter/nft_set_hash.c
+7
-2
net/netfilter/nft_set_hash.c
···
619
619
nft_hash_get(const struct net *net, const struct nft_set *set,
620
620
const struct nft_set_elem *elem, unsigned int flags)
621
621
{
622
+
const u32 *key = (const u32 *)&elem->key.val;
622
623
struct nft_hash *priv = nft_set_priv(set);
623
624
u8 genmask = nft_genmask_cur(net);
624
625
struct nft_hash_elem *he;
625
626
u32 hash;
626
627
627
-
hash = jhash(elem->key.val.data, set->klen, priv->seed);
628
+
if (set->klen == 4)
629
+
hash = jhash_1word(*key, priv->seed);
630
+
else
631
+
hash = jhash(key, set->klen, priv->seed);
632
+
628
633
hash = reciprocal_scale(hash, priv->buckets);
629
634
hlist_for_each_entry_rcu(he, &priv->table[hash], node) {
630
-
if (!memcmp(nft_set_ext_key(&he->ext), elem->key.val.data, set->klen) &&
635
+
if (!memcmp(nft_set_ext_key(&he->ext), key, set->klen) &&
631
636
nft_set_elem_active(&he->ext, genmask))
632
637
return &he->priv;
633
638
}