Re: linux-next: Tree for Sep 27 - Sergey Senozhatsky

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
To: Aaron Conole <aconole@bytheb.org>
Cc: linux-next@vger.kernel.org, linux-kernel@vger.kernel.org,
	Stephen Rothwell <sfr@canb.auug.org.au>,
	Florian Westphal <fw@strlen.de>,
	Pablo Neira Ayuso <pablo@netfilter.org>,
	netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Subject: Re: linux-next: Tree for Sep 27
Date: Tue, 4 Oct 2016 09:48:01 +0900	[thread overview]
Message-ID: <20161004004801.GA4661@swordfish> (raw)
In-Reply-To: <20160927100324.GA466@swordfish>

On (09/27/16 19:03), Sergey Senozhatsky wrote:
> Hello,
> 
> On (09/27/16 16:40), Stephen Rothwell wrote:
> > 
> > Changes since 20160923:
> > 
> 
> seems that commit e3b37f11e6e4e6b6 ("netfilter: replace list_head with
> single linked list") breaks the build on !CONFIG_NETFILTER_INGRESS systems
> accessing ->nf_hooks_ingress
> 
> static void nf_set_hooks_head(struct net *net, const struct nf_hook_ops *reg,
>                              struct nf_hook_entry *entry)
> {
>        switch (reg->pf) {
>        case NFPROTO_NETDEV:
>                /* We already checked in nf_register_net_hook() that this is
>                 * used from ingress.
>                 */
>                rcu_assign_pointer(reg->dev->nf_hooks_ingress, entry);
> 					^^^^^^^^^^^^^^^^^^^^

so I see two commits in linux-next now that fix the commit in question in
two patches

 : commit 7816ec564ec40ae20bb7925f733a181cad0cc491 ("netfilter: accommodate
 : different kconfig in nf_set_hooks_head")
 :
 :    When CONFIG_NETFILTER_INGRESS is unset (or no), we need to handle
 :    the request for registration properly by dropping the hook.  This
 :    releases the entry during the set.
 :
 :    Fixes: e3b37f11e6e4 ("netfilter: replace list_head with single linked list")

and

 : commit 5119e4381a90fabd3442bde02707cbd9e5d7367a ("netfilter: Fix potential
 : null pointer dereference")
 :
 :    It's possible for nf_hook_entry_head to return NULL.  If two
 :    nf_unregister_net_hook calls happen simultaneously with a single hook
 :    entry in the list, both will enter the nf_hook_mutex critical section.
 :    The first will successfully delete the head, but the second will see
 :    this NULL pointer and attempt to dereference.
 :
 :    This fix ensures that no null pointer dereference could occur when such
 :    a condition happens.
 :
 :    Fixes: e3b37f11e6e4 ("netfilter: replace list_head with single linked list")

do you guys plan to fold those into "e3b37f11e6e4" (a preferred way)
or will send it out as 3 separate patches (um, why) ?

	-ss

next prev parent reply	other threads:[~2016-10-04  0:48 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-09-27  6:40 linux-next: Tree for Sep 27 Stephen Rothwell
2016-09-27 10:03 ` Sergey Senozhatsky
2016-10-04  0:48   ` Sergey Senozhatsky [this message]
2016-10-05 20:56     ` error: 'struct net_device' has no member named 'nf_hooks_ingress' Michal Sojka
2016-10-05 20:56       ` Michal Sojka
2016-10-05 21:11       ` Eric Dumazet
2016-10-06  4:31         ` Sergey Senozhatsky
  -- strict thread matches above, loose matches on Subject: below --
2024-09-27  4:06 linux-next: Tree for Sep 27 Stephen Rothwell
2023-09-27  3:51 Stephen Rothwell
2022-09-27 20:10 broonie
2021-09-27  5:51 Stephen Rothwell
2018-09-27  5:45 Stephen Rothwell
2017-09-27  6:23 Stephen Rothwell
2013-09-27  9:05 Stephen Rothwell
2013-09-27  9:05 ` Stephen Rothwell
2013-09-27 16:29 ` Joe Perches

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161004004801.GA4661@swordfish \
    --to=sergey.senozhatsky.work@gmail.com \
    --cc=aconole@bytheb.org \
    --cc=fw@strlen.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-next@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    --cc=sergey.senozhatsky@gmail.com \
    --cc=sfr@canb.auug.org.au \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.