From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 11/11] netfilter: nft_chain_nat: inet family is missing module ownership
Date: Fri, 6 Mar 2020 19:15:13 +0100 [thread overview]
Message-ID: <20200306181513.656594-12-pablo@netfilter.org> (raw)
In-Reply-To: <20200306181513.656594-1-pablo@netfilter.org>
Set owner to THIS_MODULE, otherwise the nft_chain_nat module might be
removed while there are still inet/nat chains in place.
[ 117.942096] BUG: unable to handle page fault for address: ffffffffa0d5e040
[ 117.942101] #PF: supervisor read access in kernel mode
[ 117.942103] #PF: error_code(0x0000) - not-present page
[ 117.942106] PGD 200c067 P4D 200c067 PUD 200d063 PMD 3dc909067 PTE 0
[ 117.942113] Oops: 0000 [#1] PREEMPT SMP PTI
[ 117.942118] CPU: 3 PID: 27 Comm: kworker/3:0 Not tainted 5.6.0-rc3+ #348
[ 117.942133] Workqueue: events nf_tables_trans_destroy_work [nf_tables]
[ 117.942145] RIP: 0010:nf_tables_chain_destroy.isra.0+0x94/0x15a [nf_tables]
[ 117.942149] Code: f6 45 54 01 0f 84 d1 00 00 00 80 3b 05 74 44 48 8b 75 e8 48 c7 c7 72 be de a0 e8 56 e6 2d e0 48 8b 45 e8 48 c7 c7 7f be de a0 <48> 8b 30 e8 43 e6 2d e0 48 8b 45 e8 48 8b 40 10 48 85 c0 74 5b 8b
[ 117.942152] RSP: 0018:ffffc9000015be10 EFLAGS: 00010292
[ 117.942155] RAX: ffffffffa0d5e040 RBX: ffff88840be87fc2 RCX: 0000000000000007
[ 117.942158] RDX: 0000000000000007 RSI: 0000000000000086 RDI: ffffffffa0debe7f
[ 117.942160] RBP: ffff888403b54b50 R08: 0000000000001482 R09: 0000000000000004
[ 117.942162] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8883eda7e540
[ 117.942164] R13: dead000000000122 R14: dead000000000100 R15: ffff888403b3db80
[ 117.942167] FS: 0000000000000000(0000) GS:ffff88840e4c0000(0000) knlGS:0000000000000000
[ 117.942169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 117.942172] CR2: ffffffffa0d5e040 CR3: 00000003e4c52002 CR4: 00000000001606e0
[ 117.942174] Call Trace:
[ 117.942188] nf_tables_trans_destroy_work.cold+0xd/0x12 [nf_tables]
[ 117.942196] process_one_work+0x1d6/0x3b0
[ 117.942200] worker_thread+0x45/0x3c0
[ 117.942203] ? process_one_work+0x3b0/0x3b0
[ 117.942210] kthread+0x112/0x130
[ 117.942214] ? kthread_create_worker_on_cpu+0x40/0x40
[ 117.942221] ret_from_fork+0x35/0x40
nf_tables_chain_destroy() crashes on module_put() because the module is
gone.
Fixes: d164385ec572 ("netfilter: nat: add inet family nat support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nft_chain_nat.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/netfilter/nft_chain_nat.c b/net/netfilter/nft_chain_nat.c
index ff9ac8ae0031..eac4a901233f 100644
--- a/net/netfilter/nft_chain_nat.c
+++ b/net/netfilter/nft_chain_nat.c
@@ -89,6 +89,7 @@ static const struct nft_chain_type nft_chain_nat_inet = {
.name = "nat",
.type = NFT_CHAIN_T_NAT,
.family = NFPROTO_INET,
+ .owner = THIS_MODULE,
.hook_mask = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_LOCAL_IN) |
(1 << NF_INET_LOCAL_OUT) |
--
2.11.0
next prev parent reply other threads:[~2020-03-06 18:15 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-06 18:15 [PATCH 00/11] Netfilter fixes for net Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 01/11] netfilter: nf_conntrack: ct_cpu_seq_next should increase position index Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 02/11] netfilter: synproxy: synproxy_cpu_seq_next " Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 03/11] netfilter: xt_recent: recent_seq_next " Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 04/11] netfilter: x_tables: xt_mttg_seq_next " Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 05/11] netfilter: nf_tables: free flowtable hooks on hook register error Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 06/11] netfilter: cthelper: add missing attribute validation for cthelper Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 07/11] netfilter: nft_payload: add missing attribute validation for payload csum flags Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 08/11] netfilter: nft_tunnel: add missing attribute validation for tunnels Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 09/11] netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute Pablo Neira Ayuso
2020-03-06 18:15 ` [PATCH 10/11] netfilter: nf_tables: fix infinite loop when expr is not available Pablo Neira Ayuso
2020-03-06 18:15 ` Pablo Neira Ayuso [this message]
2020-03-07 5:38 ` [PATCH 00/11] Netfilter fixes for net David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200306181513.656594-12-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).