From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org, netfilter-devel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 5.4 32/39] netfilter: nf_tables: report use refcount overflow
Date: Sun, 13 Aug 2023 23:20:23 +0200 [thread overview]
Message-ID: <20230813211705.902150875@linuxfoundation.org> (raw)
In-Reply-To: <20230813211704.796906808@linuxfoundation.org>
From: Pablo Neira Ayuso <pablo@netfilter.org>
commit 1689f25924ada8fe14a4a82c38925d04994c7142 upstream.
Overflow use refcount checks are not complete.
Add helper function to deal with object reference counter tracking.
Report -EMFILE in case UINT_MAX is reached.
nft_use_dec() splats in case that reference counter underflows,
which should not ever happen.
Add nft_use_inc_restore() and nft_use_dec_restore() which are used
to restore reference counter from error and abort paths.
Use u32 in nft_flowtable and nft_object since helper functions cannot
work on bitfields.
Remove the few early incomplete checks now that the helper functions
are in place and used to check for refcount overflow.
Fixes: 96518518cc41 ("netfilter: add nftables")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/net/netfilter/nf_tables.h | 31 ++++++-
net/netfilter/nf_tables_api.c | 166 +++++++++++++++++++++++---------------
net/netfilter/nft_flow_offload.c | 6 -
net/netfilter/nft_objref.c | 8 +
4 files changed, 140 insertions(+), 71 deletions(-)
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1013,6 +1013,29 @@ int __nft_release_basechain(struct nft_c
unsigned int nft_do_chain(struct nft_pktinfo *pkt, void *priv);
+static inline bool nft_use_inc(u32 *use)
+{
+ if (*use == UINT_MAX)
+ return false;
+
+ (*use)++;
+
+ return true;
+}
+
+static inline void nft_use_dec(u32 *use)
+{
+ WARN_ON_ONCE((*use)-- == 0);
+}
+
+/* For error and abort path: restore use counter to previous state. */
+static inline void nft_use_inc_restore(u32 *use)
+{
+ WARN_ON_ONCE(!nft_use_inc(use));
+}
+
+#define nft_use_dec_restore nft_use_dec
+
/**
* struct nft_table - nf_tables table
*
@@ -1082,8 +1105,8 @@ struct nft_object {
struct list_head list;
struct rhlist_head rhlhead;
struct nft_object_hash_key key;
- u32 genmask:2,
- use:30;
+ u32 genmask:2;
+ u32 use;
u64 handle;
/* runtime data below here */
const struct nft_object_ops *ops ____cacheline_aligned;
@@ -1185,8 +1208,8 @@ struct nft_flowtable {
int hooknum;
int priority;
int ops_len;
- u32 genmask:2,
- use:30;
+ u32 genmask:2;
+ u32 use;
u64 handle;
/* runtime data below here */
struct nf_hook_ops *ops ____cacheline_aligned;
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -282,7 +282,7 @@ static int nft_delchain(struct nft_ctx *
if (IS_ERR(trans))
return PTR_ERR(trans);
- ctx->table->use--;
+ nft_use_dec(&ctx->table->use);
nft_deactivate_next(ctx->net, ctx->chain);
return 0;
@@ -323,7 +323,7 @@ nf_tables_delrule_deactivate(struct nft_
/* You cannot delete the same rule twice */
if (nft_is_active_next(ctx->net, rule)) {
nft_deactivate_next(ctx->net, rule);
- ctx->chain->use--;
+ nft_use_dec(&ctx->chain->use);
return 0;
}
return -ENOENT;
@@ -412,7 +412,7 @@ static int nft_delset(const struct nft_c
return err;
nft_deactivate_next(ctx->net, set);
- ctx->table->use--;
+ nft_use_dec(&ctx->table->use);
return err;
}
@@ -444,7 +444,7 @@ static int nft_delobj(struct nft_ctx *ct
return err;
nft_deactivate_next(ctx->net, obj);
- ctx->table->use--;
+ nft_use_dec(&ctx->table->use);
return err;
}
@@ -478,7 +478,7 @@ static int nft_delflowtable(struct nft_c
return err;
nft_deactivate_next(ctx->net, flowtable);
- ctx->table->use--;
+ nft_use_dec(&ctx->table->use);
return err;
}
@@ -1715,9 +1715,6 @@ static int nf_tables_addchain(struct nft
struct nft_rule **rules;
int err;
- if (table->use == UINT_MAX)
- return -EOVERFLOW;
-
if (nla[NFTA_CHAIN_HOOK]) {
struct nft_chain_hook hook;
struct nf_hook_ops *ops;
@@ -1794,6 +1791,11 @@ static int nf_tables_addchain(struct nft
if (err < 0)
goto err1;
+ if (!nft_use_inc(&table->use)) {
+ err = -EMFILE;
+ goto err_use;
+ }
+
err = rhltable_insert_key(&table->chains_ht, chain->name,
&chain->rhlhead, nft_chain_ht_params);
if (err)
@@ -1811,11 +1813,12 @@ static int nf_tables_addchain(struct nft
if (nft_is_base_chain(chain))
nft_trans_chain_policy(trans) = policy;
- table->use++;
list_add_tail_rcu(&chain->list, &table->chains);
return 0;
err2:
+ nft_use_dec_restore(&table->use);
+err_use:
nf_tables_unregister_hook(net, table, chain);
err1:
nf_tables_chain_destroy(ctx);
@@ -2831,9 +2834,6 @@ static int nf_tables_newrule(struct net
return -EINVAL;
handle = nf_tables_alloc_handle(table);
- if (chain->use == UINT_MAX)
- return -EOVERFLOW;
-
if (nla[NFTA_RULE_POSITION]) {
pos_handle = be64_to_cpu(nla_get_be64(nla[NFTA_RULE_POSITION]));
old_rule = __nft_rule_lookup(chain, pos_handle);
@@ -2915,16 +2915,21 @@ static int nf_tables_newrule(struct net
expr = nft_expr_next(expr);
}
+ if (!nft_use_inc(&chain->use)) {
+ err = -EMFILE;
+ goto err2;
+ }
+
if (nlh->nlmsg_flags & NLM_F_REPLACE) {
trans = nft_trans_rule_add(&ctx, NFT_MSG_NEWRULE, rule);
if (trans == NULL) {
err = -ENOMEM;
- goto err2;
+ goto err_destroy_flow_rule;
}
err = nft_delrule(&ctx, old_rule);
if (err < 0) {
nft_trans_destroy(trans);
- goto err2;
+ goto err_destroy_flow_rule;
}
list_add_tail_rcu(&rule->list, &old_rule->list);
@@ -2932,7 +2937,7 @@ static int nf_tables_newrule(struct net
trans = nft_trans_rule_add(&ctx, NFT_MSG_NEWRULE, rule);
if (!trans) {
err = -ENOMEM;
- goto err2;
+ goto err_destroy_flow_rule;
}
if (nlh->nlmsg_flags & NLM_F_APPEND) {
@@ -2948,7 +2953,6 @@ static int nf_tables_newrule(struct net
}
}
kvfree(info);
- chain->use++;
if (nft_net->validate_state == NFT_VALIDATE_DO)
return nft_table_validate(net, table);
@@ -2962,6 +2966,9 @@ static int nf_tables_newrule(struct net
}
return 0;
+
+err_destroy_flow_rule:
+ nft_use_dec_restore(&chain->use);
err2:
nft_rule_expr_deactivate(&ctx, rule, NFT_TRANS_PREPARE_ERROR);
nf_tables_rule_destroy(&ctx, rule);
@@ -3775,10 +3782,15 @@ static int nf_tables_newset(struct net *
if (ops->privsize != NULL)
size = ops->privsize(nla, &desc);
+ if (!nft_use_inc(&table->use)) {
+ err = -EMFILE;
+ goto err1;
+ }
+
set = kvzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
if (!set) {
err = -ENOMEM;
- goto err1;
+ goto err_alloc;
}
name = nla_strdup(nla[NFTA_SET_NAME], GFP_KERNEL);
@@ -3825,7 +3837,7 @@ static int nf_tables_newset(struct net *
goto err4;
list_add_tail_rcu(&set->list, &table->sets);
- table->use++;
+
return 0;
err4:
@@ -3834,6 +3846,8 @@ err3:
kfree(set->name);
err2:
kvfree(set);
+err_alloc:
+ nft_use_dec_restore(&table->use);
err1:
module_put(to_set_type(ops)->owner);
return err;
@@ -3920,9 +3934,6 @@ int nf_tables_bind_set(const struct nft_
struct nft_set_binding *i;
struct nft_set_iter iter;
- if (set->use == UINT_MAX)
- return -EOVERFLOW;
-
if (!list_empty(&set->bindings) && nft_set_is_anonymous(set))
return -EBUSY;
@@ -3947,10 +3958,12 @@ int nf_tables_bind_set(const struct nft_
return iter.err;
}
bind:
+ if (!nft_use_inc(&set->use))
+ return -EMFILE;
+
binding->chain = ctx->chain;
list_add_tail_rcu(&binding->list, &set->bindings);
nft_set_trans_bind(ctx, set);
- set->use++;
return 0;
}
@@ -3974,7 +3987,7 @@ void nf_tables_activate_set(const struct
if (nft_set_is_anonymous(set))
nft_clear(ctx->net, set);
- set->use++;
+ nft_use_inc_restore(&set->use);
}
EXPORT_SYMBOL_GPL(nf_tables_activate_set);
@@ -3990,17 +4003,17 @@ void nf_tables_deactivate_set(const stru
else
list_del_rcu(&binding->list);
- set->use--;
+ nft_use_dec(&set->use);
break;
case NFT_TRANS_PREPARE:
if (nft_set_is_anonymous(set))
nft_deactivate_next(ctx->net, set);
- set->use--;
+ nft_use_dec(&set->use);
return;
case NFT_TRANS_ABORT:
case NFT_TRANS_RELEASE:
- set->use--;
+ nft_use_dec(&set->use);
/* fall through */
default:
nf_tables_unbind_set(ctx, set, binding,
@@ -4585,7 +4598,7 @@ void nft_set_elem_destroy(const struct n
}
}
if (nft_set_ext_exists(ext, NFT_SET_EXT_OBJREF))
- (*nft_set_ext_obj(ext))->use--;
+ nft_use_dec(&(*nft_set_ext_obj(ext))->use);
kfree(elem);
}
EXPORT_SYMBOL_GPL(nft_set_elem_destroy);
@@ -4706,8 +4719,16 @@ static int nft_add_set_elem(struct nft_c
set->objtype, genmask);
if (IS_ERR(obj)) {
err = PTR_ERR(obj);
+ obj = NULL;
+ goto err2;
+ }
+
+ if (!nft_use_inc(&obj->use)) {
+ err = -EMFILE;
+ obj = NULL;
goto err2;
}
+
nft_set_ext_add(&tmpl, NFT_SET_EXT_OBJREF);
}
@@ -4772,10 +4793,8 @@ static int nft_add_set_elem(struct nft_c
udata->len = ulen - 1;
nla_memcpy(&udata->data, nla[NFTA_SET_ELEM_USERDATA], ulen);
}
- if (obj) {
+ if (obj)
*nft_set_ext_obj(ext) = obj;
- obj->use++;
- }
trans = nft_trans_elem_alloc(ctx, NFT_MSG_NEWSETELEM, set);
if (trans == NULL)
@@ -4821,13 +4840,14 @@ err6:
err5:
kfree(trans);
err4:
- if (obj)
- obj->use--;
kfree(elem.priv);
err3:
if (nla[NFTA_SET_ELEM_DATA] != NULL)
nft_data_release(&elem.data.val, desc.type);
err2:
+ if (obj)
+ nft_use_dec_restore(&obj->use);
+
nft_data_release(&elem.key.val, NFT_DATA_VALUE);
err1:
return err;
@@ -4887,11 +4907,14 @@ static int nf_tables_newsetelem(struct n
*/
void nft_data_hold(const struct nft_data *data, enum nft_data_types type)
{
+ struct nft_chain *chain;
+
if (type == NFT_DATA_VERDICT) {
switch (data->verdict.code) {
case NFT_JUMP:
case NFT_GOTO:
- data->verdict.chain->use++;
+ chain = data->verdict.chain;
+ nft_use_inc_restore(&chain->use);
break;
}
}
@@ -4906,7 +4929,7 @@ static void nft_set_elem_activate(const
if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA))
nft_data_hold(nft_set_ext_data(ext), set->dtype);
if (nft_set_ext_exists(ext, NFT_SET_EXT_OBJREF))
- (*nft_set_ext_obj(ext))->use++;
+ nft_use_inc_restore(&(*nft_set_ext_obj(ext))->use);
}
static void nft_set_elem_deactivate(const struct net *net,
@@ -4918,7 +4941,7 @@ static void nft_set_elem_deactivate(cons
if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA))
nft_data_release(nft_set_ext_data(ext), set->dtype);
if (nft_set_ext_exists(ext, NFT_SET_EXT_OBJREF))
- (*nft_set_ext_obj(ext))->use--;
+ nft_use_dec(&(*nft_set_ext_obj(ext))->use);
}
static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
@@ -5375,9 +5398,14 @@ static int nf_tables_newobj(struct net *
nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
+ if (!nft_use_inc(&table->use))
+ return -EMFILE;
+
type = nft_obj_type_get(net, objtype);
- if (IS_ERR(type))
- return PTR_ERR(type);
+ if (IS_ERR(type)) {
+ err = PTR_ERR(type);
+ goto err_type;
+ }
obj = nft_obj_init(&ctx, type, nla[NFTA_OBJ_DATA]);
if (IS_ERR(obj)) {
@@ -5403,7 +5431,7 @@ static int nf_tables_newobj(struct net *
goto err4;
list_add_tail_rcu(&obj->list, &table->objects);
- table->use++;
+
return 0;
err4:
/* queued in transaction log */
@@ -5417,6 +5445,9 @@ err2:
kfree(obj);
err1:
module_put(type->owner);
+err_type:
+ nft_use_dec_restore(&table->use);
+
return err;
}
@@ -5761,7 +5792,7 @@ void nf_tables_deactivate_flowtable(cons
case NFT_TRANS_PREPARE:
case NFT_TRANS_ABORT:
case NFT_TRANS_RELEASE:
- flowtable->use--;
+ nft_use_dec(&flowtable->use);
/* fall through */
default:
return;
@@ -5967,9 +5998,14 @@ static int nf_tables_newflowtable(struct
nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
+ if (!nft_use_inc(&table->use))
+ return -EMFILE;
+
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
- if (!flowtable)
- return -ENOMEM;
+ if (!flowtable) {
+ err = -ENOMEM;
+ goto flowtable_alloc;
+ }
flowtable->table = table;
flowtable->handle = nf_tables_alloc_handle(table);
@@ -6023,7 +6059,6 @@ static int nf_tables_newflowtable(struct
goto err6;
list_add_tail_rcu(&flowtable->list, &table->flowtables);
- table->use++;
return 0;
err6:
@@ -6041,6 +6076,9 @@ err2:
kfree(flowtable->name);
err1:
kfree(flowtable);
+flowtable_alloc:
+ nft_use_dec_restore(&table->use);
+
return err;
}
@@ -7035,7 +7073,7 @@ static int nf_tables_commit(struct net *
*/
if (nft_set_is_anonymous(nft_trans_set(trans)) &&
!list_empty(&nft_trans_set(trans)->bindings))
- trans->ctx.table->use--;
+ nft_use_dec(&trans->ctx.table->use);
nf_tables_set_notify(&trans->ctx, nft_trans_set(trans),
NFT_MSG_NEWSET, GFP_KERNEL);
@@ -7188,7 +7226,7 @@ static int __nf_tables_abort(struct net
kfree(nft_trans_chain_name(trans));
nft_trans_destroy(trans);
} else {
- trans->ctx.table->use--;
+ nft_use_dec_restore(&trans->ctx.table->use);
nft_chain_del(trans->ctx.chain);
nf_tables_unregister_hook(trans->ctx.net,
trans->ctx.table,
@@ -7196,25 +7234,25 @@ static int __nf_tables_abort(struct net
}
break;
case NFT_MSG_DELCHAIN:
- trans->ctx.table->use++;
+ nft_use_inc_restore(&trans->ctx.table->use);
nft_clear(trans->ctx.net, trans->ctx.chain);
nft_trans_destroy(trans);
break;
case NFT_MSG_NEWRULE:
- trans->ctx.chain->use--;
+ nft_use_dec_restore(&trans->ctx.chain->use);
list_del_rcu(&nft_trans_rule(trans)->list);
nft_rule_expr_deactivate(&trans->ctx,
nft_trans_rule(trans),
NFT_TRANS_ABORT);
break;
case NFT_MSG_DELRULE:
- trans->ctx.chain->use++;
+ nft_use_inc_restore(&trans->ctx.chain->use);
nft_clear(trans->ctx.net, nft_trans_rule(trans));
nft_rule_expr_activate(&trans->ctx, nft_trans_rule(trans));
nft_trans_destroy(trans);
break;
case NFT_MSG_NEWSET:
- trans->ctx.table->use--;
+ nft_use_dec_restore(&trans->ctx.table->use);
if (nft_trans_set_bound(trans)) {
nft_trans_destroy(trans);
break;
@@ -7222,7 +7260,7 @@ static int __nf_tables_abort(struct net
list_del_rcu(&nft_trans_set(trans)->list);
break;
case NFT_MSG_DELSET:
- trans->ctx.table->use++;
+ nft_use_inc_restore(&trans->ctx.table->use);
nft_clear(trans->ctx.net, nft_trans_set(trans));
nft_trans_destroy(trans);
break;
@@ -7249,23 +7287,23 @@ static int __nf_tables_abort(struct net
nft_obj_destroy(&trans->ctx, nft_trans_obj_newobj(trans));
nft_trans_destroy(trans);
} else {
- trans->ctx.table->use--;
+ nft_use_dec_restore(&trans->ctx.table->use);
nft_obj_del(nft_trans_obj(trans));
}
break;
case NFT_MSG_DELOBJ:
- trans->ctx.table->use++;
+ nft_use_inc_restore(&trans->ctx.table->use);
nft_clear(trans->ctx.net, nft_trans_obj(trans));
nft_trans_destroy(trans);
break;
case NFT_MSG_NEWFLOWTABLE:
- trans->ctx.table->use--;
+ nft_use_dec_restore(&trans->ctx.table->use);
list_del_rcu(&nft_trans_flowtable(trans)->list);
nft_unregister_flowtable_net_hooks(net,
nft_trans_flowtable(trans));
break;
case NFT_MSG_DELFLOWTABLE:
- trans->ctx.table->use++;
+ nft_use_inc_restore(&trans->ctx.table->use);
nft_clear(trans->ctx.net, nft_trans_flowtable(trans));
nft_trans_destroy(trans);
break;
@@ -7685,8 +7723,9 @@ static int nft_verdict_init(const struct
return PTR_ERR(chain);
if (nft_is_base_chain(chain))
return -EOPNOTSUPP;
+ if (!nft_use_inc(&chain->use))
+ return -EMFILE;
- chain->use++;
data->verdict.chain = chain;
break;
}
@@ -7698,10 +7737,13 @@ static int nft_verdict_init(const struct
static void nft_verdict_uninit(const struct nft_data *data)
{
+ struct nft_chain *chain;
+
switch (data->verdict.code) {
case NFT_JUMP:
case NFT_GOTO:
- data->verdict.chain->use--;
+ chain = data->verdict.chain;
+ nft_use_dec(&chain->use);
break;
}
}
@@ -7855,11 +7897,11 @@ int __nft_release_basechain(struct nft_c
nf_tables_unregister_hook(ctx->net, ctx->chain->table, ctx->chain);
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
list_del(&rule->list);
- ctx->chain->use--;
+ nft_use_dec(&ctx->chain->use);
nf_tables_rule_release(ctx, rule);
}
nft_chain_del(ctx->chain);
- ctx->table->use--;
+ nft_use_dec(&ctx->table->use);
nf_tables_chain_destroy(ctx);
return 0;
@@ -7896,29 +7938,29 @@ static void __nft_release_table(struct n
ctx.chain = chain;
list_for_each_entry_safe(rule, nr, &chain->rules, list) {
list_del(&rule->list);
- chain->use--;
+ nft_use_dec(&chain->use);
nf_tables_rule_release(&ctx, rule);
}
}
list_for_each_entry_safe(flowtable, nf, &table->flowtables, list) {
list_del(&flowtable->list);
- table->use--;
+ nft_use_dec(&table->use);
nf_tables_flowtable_destroy(flowtable);
}
list_for_each_entry_safe(set, ns, &table->sets, list) {
list_del(&set->list);
- table->use--;
+ nft_use_dec(&table->use);
nft_set_destroy(set);
}
list_for_each_entry_safe(obj, ne, &table->objects, list) {
nft_obj_del(obj);
- table->use--;
+ nft_use_dec(&table->use);
nft_obj_destroy(&ctx, obj);
}
list_for_each_entry_safe(chain, nc, &table->chains, list) {
ctx.chain = chain;
nft_chain_del(chain);
- table->use--;
+ nft_use_dec(&table->use);
nf_tables_chain_destroy(&ctx);
}
list_del(&table->list);
--- a/net/netfilter/nft_flow_offload.c
+++ b/net/netfilter/nft_flow_offload.c
@@ -171,8 +171,10 @@ static int nft_flow_offload_init(const s
if (IS_ERR(flowtable))
return PTR_ERR(flowtable);
+ if (!nft_use_inc(&flowtable->use))
+ return -EMFILE;
+
priv->flowtable = flowtable;
- flowtable->use++;
return nf_ct_netns_get(ctx->net, ctx->family);
}
@@ -191,7 +193,7 @@ static void nft_flow_offload_activate(co
{
struct nft_flow_offload *priv = nft_expr_priv(expr);
- priv->flowtable->use++;
+ nft_use_inc_restore(&priv->flowtable->use);
}
static void nft_flow_offload_destroy(const struct nft_ctx *ctx,
--- a/net/netfilter/nft_objref.c
+++ b/net/netfilter/nft_objref.c
@@ -41,8 +41,10 @@ static int nft_objref_init(const struct
if (IS_ERR(obj))
return -ENOENT;
+ if (!nft_use_inc(&obj->use))
+ return -EMFILE;
+
nft_objref_priv(expr) = obj;
- obj->use++;
return 0;
}
@@ -71,7 +73,7 @@ static void nft_objref_deactivate(const
if (phase == NFT_TRANS_COMMIT)
return;
- obj->use--;
+ nft_use_dec(&obj->use);
}
static void nft_objref_activate(const struct nft_ctx *ctx,
@@ -79,7 +81,7 @@ static void nft_objref_activate(const st
{
struct nft_object *obj = nft_objref_priv(expr);
- obj->use++;
+ nft_use_inc_restore(&obj->use);
}
static struct nft_expr_type nft_objref_type;
next prev parent reply other threads:[~2023-08-13 21:48 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-13 21:19 [PATCH 5.4 00/39] 5.4.254-rc1 review Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 01/39] mmc: moxart: read scr register without changing byte order Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 02/39] ipv6: adjust ndisc_is_useropt() to also return true for PIO Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 03/39] dmaengine: pl330: Return DMA_PAUSED when transaction is paused Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 04/39] drm/nouveau/gr: enable memory loads on helper invocation on all channels Greg Kroah-Hartman
2023-08-13 21:19 ` [Nouveau] " Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 05/39] radix tree test suite: fix incorrect allocation size for pthreads Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 06/39] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate") Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 07/39] nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput Greg Kroah-Hartman
2023-08-13 21:19 ` [PATCH 5.4 08/39] iio: cros_ec: Fix the allocation size for cros_ec_command Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 09/39] binder: fix memory leak in binder_init() Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 10/39] usb-storage: alauda: Fix uninit-value in alauda_check_media() Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 11/39] usb: dwc3: Properly handle processing of pending events Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 12/39] usb: common: usb-conn-gpio: Prevent bailing out if initial role is none Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 13/39] x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 14/39] x86/mm: Fix VDSO and VVAR placement on 5-level paging machines Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 15/39] x86: Move gds_ucode_mitigated() declaration to header Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 16/39] drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 17/39] selftests/rseq: Fix build with undefined __weak Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 18/39] mISDN: Update parameter type of dsp_cmx_send() Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 19/39] net/packet: annotate data-races around tp->status Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 20/39] bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 21/39] dccp: fix data-race around dp->dccps_mss_cache Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 22/39] drivers: net: prevent tun_build_skb() to exceed the packet size limit Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 23/39] IB/hfi1: Fix possible panic during hotplug remove Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 24/39] wifi: cfg80211: fix sband iftype data lookup for AP_VLAN Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 25/39] dmaengine: mcf-edma: Fix a potential un-allocated memory access Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 26/39] net/mlx5: Allow 0 for total host VFs Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 27/39] ibmvnic: Handle DMA unmapping of login buffs in release functions Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 28/39] btrfs: dont stop integrity writeback too early Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 29/39] btrfs: set cache_block_group_error if we find an error Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 30/39] nvme-tcp: fix potential unbalanced freeze & unfreeze Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 31/39] nvme-rdma: " Greg Kroah-Hartman
2023-08-13 21:20 ` Greg Kroah-Hartman [this message]
2023-08-13 21:20 ` [PATCH 5.4 33/39] scsi: core: Fix legacy /proc parsing buffer overflow Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 34/39] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 35/39] scsi: 53c700: Check that command slot is not NULL Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 36/39] scsi: snic: Fix possible memory leak if device_add() fails Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 37/39] scsi: core: " Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 38/39] alpha: remove __init annotation from exported page_is_ram() Greg Kroah-Hartman
2023-08-13 21:20 ` [PATCH 5.4 39/39] sch_netem: fix issues in netem_change() vs get_dist_table() Greg Kroah-Hartman
2023-08-14 14:53 ` [PATCH 5.4 00/39] 5.4.254-rc1 review Thierry Reding
2023-08-14 18:23 ` Guenter Roeck
2023-08-15 0:58 ` Shuah Khan
2023-08-15 1:43 ` Harshit Mogalapalli
2023-08-15 3:02 ` Florian Fainelli
2023-08-15 5:50 ` Daniel Díaz
2023-08-16 2:11 ` luomeng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230813211705.902150875@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=patches@lists.linux.dev \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.