From: Florian Westphal <fw@strlen.de>
To: Tristan Madani <tristmd@gmail.com>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>,
Phil Sutter <phil@nwl.cc>,
netfilter-devel@vger.kernel.org, netdev@vger.kernel.org,
stable@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 1/2] netfilter: ip_tables: guard ipt_unregister_table_pre_exit against NULL ops
Date: Sat, 2 May 2026 00:00:25 +0200 [thread overview]
Message-ID: <afUieXkrRHCGQJ8_@strlen.de> (raw)
In-Reply-To: <177766806589.1898033.5646188235412407059@gmail.com>
Tristan Madani <tristmd@gmail.com> wrote:
> That said, the crash is real -- KASAN shows ops=NULL in
> pre_exit during cleanup_net -- so something is reaching that
> path. The V2 guard handles it regardless of the root cause:
> if ops is NULL in pre_exit, we should not pass it to
> nf_unregister_net_hooks.
>
> I will share any PoC/repro if I get one.
Thanks. I have a patch series that should close all
races, I need to retest it tomorrow and then I'll post it
so sashiko, syzbot etc. can have a go at it.
I found a few other problems in the general area so it should
be a good improvement over the current state of affairs.
next prev parent reply other threads:[~2026-05-01 22:00 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-29 17:56 [PATCH 0/2] netfilter: fix NULL ops race in iptable lazy init Tristan Madani
2026-04-29 17:56 ` [PATCH 1/2] netfilter: ip_tables: allocate hook ops before making table visible Tristan Madani
2026-04-29 17:56 ` [PATCH 2/2] netfilter: ip6_tables: " Tristan Madani
2026-04-29 18:17 ` [PATCH 0/2] netfilter: fix NULL ops race in iptable lazy init Phil Sutter
2026-04-29 21:03 ` Tristan Madani
2026-04-29 23:18 ` [PATCH v2 0/2] netfilter: fix NULL ops dereference " Tristan Madani
2026-04-29 23:19 ` [PATCH v2 1/2] netfilter: ip_tables: guard ipt_unregister_table_pre_exit against NULL ops Tristan Madani
2026-04-30 13:27 ` Florian Westphal
2026-04-30 21:49 ` Tristan Madani
2026-04-30 22:16 ` Florian Westphal
2026-05-01 20:41 ` Tristan Madani
2026-05-01 22:00 ` Florian Westphal [this message]
2026-04-29 23:19 ` [PATCH v2 2/2] netfilter: ip6_tables: guard ip6t_unregister_table_pre_exit " Tristan Madani
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afUieXkrRHCGQJ8_@strlen.de \
--to=fw@strlen.de \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=phil@nwl.cc \
--cc=stable@vger.kernel.org \
--cc=tristmd@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.