From: Florian Westphal <fw@strlen.de>
To: Florian Westphal <fw@strlen.de>
Cc: dwilder <dwilder@us.ibm.com>,
netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
wilder@us.ibm.com, mkubecek@suse.com
Subject: Re: [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle.
Date: Mon, 15 Jun 2020 13:44:12 +0200 [thread overview]
Message-ID: <20200615114412.GD16460@breakpoint.cc> (raw)
In-Reply-To: <20200604103815.GE28263@breakpoint.cc>
Florian Westphal <fw@strlen.de> wrote:
> dwilder <dwilder@us.ibm.com> wrote:
> > > Since the netns core already does an unconditional synchronize_rcu after
> > > the pre_exit hooks this would avoid the problem as well.
> >
> > Something like this? (un-tested)
>
> Yes.
>
> > diff --git a/net/ipv4/netfilter/iptable_mangle.c
> > b/net/ipv4/netfilter/iptable_mangle.c
> > index bb9266ea3785..0d448e4d5213 100644
> > --- a/net/ipv4/netfilter/iptable_mangle.c
> > +++ b/net/ipv4/netfilter/iptable_mangle.c
> > @@ -100,15 +100,26 @@ static int __net_init iptable_mangle_table_init(struct
> > net *net)
> > return ret;
> > }
> >
> > +static void __net_exit iptable_mangle_net_pre_exit(struct net *net)
> > +{
> > + struct xt_table *table = net->ipv4.iptable_mangle;
> > +
> > + if (mangle_ops)
> > + nf_unregister_net_hooks(net, mangle_ops,
> > + hweight32(table->valid_hooks));
> > +}
>
> You probably need if (table) here, not mangle_ops.
> I'm not sure if it makes sense to add a new
>
> xt_unregister_table_hook() helper, I guess one would have to try
> and see if that reduces copy&paste programming or not.
>
> > static void __net_exit iptable_mangle_net_exit(struct net *net)
> > {
> > if (!net->ipv4.iptable_mangle)
> > return;
> > - ipt_unregister_table(net, net->ipv4.iptable_mangle, mangle_ops);
> > + ipt_unregister_table(net, net->ipv4.iptable_mangle, NULL);
>
> I guess the 3rd arg could be removed from the helper.
>
> But yes, this looks like what I had in mind.
Will there be a followup? Otherwise I will place this on my todo-list.
Thanks.
next prev parent reply other threads:[~2020-06-15 11:44 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-03 21:25 [(RFC) PATCH ] NULL pointer dereference on rmmod iptable_mangle David Wilder
2020-06-03 22:05 ` Florian Westphal
2020-06-04 6:00 ` dwilder
2020-06-04 10:38 ` Florian Westphal
2020-06-15 11:44 ` Florian Westphal [this message]
2020-06-15 16:21 ` dwilder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200615114412.GD16460@breakpoint.cc \
--to=fw@strlen.de \
--cc=dwilder@us.ibm.com \
--cc=mkubecek@suse.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=wilder@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.