[NETFILTER]: Fix rcu race in ipt_REDIRECT

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/netfilter/ipt_REDIRECT.c

@@ -88,14 +88,18 @@ redirect_target(struct sk_buff **pskb,
 		newdst = htonl(0x7F000001);
 	else {
 		struct in_device *indev;
+		struct in_ifaddr *ifa;
 
-		/* Device might not have an associated in_device. */
-		indev = (struct in_device *)(*pskb)->dev->ip_ptr;
-		if (indev == NULL || indev->ifa_list == NULL)
-			return NF_DROP;
+		newdst = 0;
+		
+		rcu_read_lock();
+		indev = __in_dev_get((*pskb)->dev);
+		if (indev && (ifa = indev->ifa_list))
+			newdst = ifa->ifa_local;
+		rcu_read_unlock();
 
-		/* Grab first address on interface. */
-		newdst = indev->ifa_list->ifa_local;
+		if (!newdst)
+			return NF_DROP;
 	}
 
 	/* Transfer from original range. */