* [PATCH] netfilter: nf_tables: fix oops when deleting a chain with references
@ 2014-01-25 8:04 Patrick McHardy
2014-01-29 19:22 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Patrick McHardy @ 2014-01-25 8:04 UTC (permalink / raw)
To: pablo; +Cc: netfilter-devel
commit 780f57420cdac84eabec388868678ede19f7d682
Author: Patrick McHardy <kaber@trash.net>
Date: Fri Jan 24 13:23:52 2014 +0000

netfilter: nf_tables: fix oops when deleting a chain with references

The following commands trigger an oops:

# nft -i
nft> add table filter
nft> add chain filter input { type filter hook input priority 0; }
nft> add chain filter test
nft> add rule filter input jump test
nft> delete chain filter test

We need to check the chain use counter before allowing destruction since
we might have references from sets or jump rules.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=69341
Reported-by: Matthew Ife <deleriux1@gmail.com>
Tested-by: Matthew Ife <deleriux1@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 117bbaa..9ce3053 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1045,7 +1045,7 @@ static int nf_tables_delchain(struct sock *nlsk, struct sk_buff *skb,
if (IS_ERR(chain))
return PTR_ERR(chain);
- if (!list_empty(&chain->rules))
+ if (!list_empty(&chain->rules) || chain->use > 0)
return -EBUSY;
list_del(&chain->list);
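Review bot: The added `chain->use > 0` test in the -EBUSY condition of nf_tables_delchain() has no comment saying what holds a reference, so a reader of the code has to find the commit message to learn that it covers jump rules and sets; a one-line comment above the condition, such as `/* chain is still referenced by jump rules or sets */`, would keep that with the code. Both conditions return the same -EBUSY, so userspace cannot tell "chain still contains rules" from "chain is still a jump target"; if that is intended, it is worth a sentence in the changelog. The five nft commands in the changelog are a compact reproducer and would make a good regression test for this path.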
* Re: [PATCH] netfilter: nf_tables: fix oops when deleting a chain with references
From: Pablo Neira Ayuso @ 2014-01-29 19:22 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netfilter-devel
On Sat, Jan 25, 2014 at 08:04:07AM +0000, Patrick McHardy wrote:
> commit 780f57420cdac84eabec388868678ede19f7d682
> Author: Patrick McHardy <kaber@trash.net>
> Date: Fri Jan 24 13:23:52 2014 +0000
>
> netfilter: nf_tables: fix oops when deleting a chain with references
>
> The following commands trigger an oops:
>
> # nft -i
> nft> add table filter
> nft> add chain filter input { type filter hook input priority 0; }
> nft> add chain filter test
> nft> add rule filter input jump test
> nft> delete chain filter test
>
> We need to check the chain use counter before allowing destruction since
> we might have references from sets or jump rules.
Applied, thanks Patrick.