From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org
Subject: [PATCH net 0/8] Netfilter fixes for net
Date: Tue, 1 Mar 2022 22:53:29 +0100 [thread overview]
Message-ID: <20220301215337.378405-1-pablo@netfilter.org> (raw)
Hi,
The following patchset contains Netfilter fixes for net:
1) Use kfree_rcu(ptr, rcu) variant, using kfree_rcu(ptr) was not
intentional. From Eric Dumazet.
2) Use-after-free in netfilter hook core, from Eric Dumazet.
3) Missing rcu read lock side for netfilter egress hook,
from Florian Westphal.
4) nf_queue assume state->sk is full socket while it might not be.
Invoke sock_gen_put(), from Florian Westphal.
5) Add selftest to exercise the reported KASAN splat in 4)
6) Fix possible use-after-free in nf_queue in case sk_refcnt is 0.
Also from Florian.
7) Use input interface index only for hardware offload, not for
the software plane. This breaks tc ct action. Patch from Paul Blakey.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git
Thanks.
----------------------------------------------------------------
The following changes since commit 277f2bb14361790a70e4b3c649e794b75a91a597:
ibmvnic: schedule failover only if vioctl fails (2022-02-22 17:06:27 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git HEAD
for you to fetch changes up to db6140e5e35a48405e669353bd54042c1d4c3841:
net/sched: act_ct: Fix flow table lookup failure with no originating ifindex (2022-03-01 22:08:31 +0100)
----------------------------------------------------------------
Eric Dumazet (2):
netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant
netfilter: fix use-after-free in __nf_register_net_hook()
Florian Westphal (5):
netfilter: egress: silence egress hook lockdep splats
netfilter: nf_queue: don't assume sk is full socket
selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test
netfilter: nf_queue: fix possible use-after-free
netfilter: nf_queue: handle socket prefetch
Paul Blakey (1):
net/sched: act_ct: Fix flow table lookup failure with no originating ifindex
include/linux/netfilter_netdev.h | 4 +
include/net/netfilter/nf_flow_table.h | 6 +-
include/net/netfilter/nf_queue.h | 2 +-
net/netfilter/core.c | 5 +-
net/netfilter/nf_flow_table_offload.c | 6 +-
net/netfilter/nf_queue.c | 36 +++++-
net/netfilter/nf_tables_api.c | 4 +-
net/netfilter/nfnetlink_queue.c | 12 +-
net/sched/act_ct.c | 13 ++-
tools/testing/selftests/netfilter/.gitignore | 1 +
tools/testing/selftests/netfilter/Makefile | 2 +-
tools/testing/selftests/netfilter/connect_close.c | 136 ++++++++++++++++++++++
tools/testing/selftests/netfilter/nft_queue.sh | 19 +++
13 files changed, 226 insertions(+), 20 deletions(-)
create mode 100644 tools/testing/selftests/netfilter/connect_close.c
next reply other threads:[~2022-03-01 21:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-01 21:53 Pablo Neira Ayuso [this message]
2022-03-01 21:53 ` [PATCH net 1/8] netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant Pablo Neira Ayuso
2022-03-01 23:30 ` patchwork-bot+netdevbpf
2022-03-01 21:53 ` [PATCH net 2/8] netfilter: fix use-after-free in __nf_register_net_hook() Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 3/8] netfilter: egress: silence egress hook lockdep splats Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 4/8] netfilter: nf_queue: don't assume sk is full socket Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 5/8] selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 6/8] netfilter: nf_queue: fix possible use-after-free Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 7/8] netfilter: nf_queue: handle socket prefetch Pablo Neira Ayuso
2022-03-01 21:53 ` [PATCH net 8/8] net/sched: act_ct: Fix flow table lookup failure with no originating ifindex Pablo Neira Ayuso
-- strict thread matches above, loose matches on Subject: below --
2024-08-14 22:20 [PATCH net 0/8] Netfilter fixes for net Pablo Neira Ayuso
2022-08-09 22:05 Pablo Neira Ayuso
2022-08-10 4:27 ` Jakub Kicinski
2022-08-10 7:59 ` Pablo Neira Ayuso
2022-01-27 23:52 Pablo Neira Ayuso
2021-06-22 21:59 Pablo Neira Ayuso
2021-06-22 22:41 ` David Miller
2021-06-22 23:06 ` Pablo Neira Ayuso
2021-05-07 17:47 Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220301215337.378405-1-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).