* [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails
@ 2022-07-08 10:06 Pablo Neira Ayuso
  2022-07-08 10:06 ` [PATCH nf,v2 2/2] netfilter: nf_tables: replace BUG_ON by element length check Pablo Neira Ayuso
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 10:06 UTC (permalink / raw)
  To: netfilter-devel

Call nft_data_release() to release the element keys; otherwise this
might leak a chain reference counter.

Fixes: 7b225d0b5c6d ("netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute")
Fixes: ba0e4d9917b4 ("netfilter: nf_tables: get set elements via netlink")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: coalesce two similar patches:
    https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708084453.11066-1-pablo@netfilter.org/
    https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708085805.12310-1-pablo@netfilter.org/

 net/netfilter/nf_tables_api.c | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index d6b59beab3a9..9b6711e2f193 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5306,17 +5306,17 @@ static int nft_get_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 		err = nft_setelem_parse_key(ctx, set, &elem.key_end.val,
 					    nla[NFTA_SET_ELEM_KEY_END]);
 		if (err < 0)
-			return err;
+			goto err_parse_key;
 	}
 
 	err = nft_setelem_get(ctx, set, &elem, flags);
 	if (err < 0)
-		return err;
+		goto err_parse_key_end;
 
 	err = -ENOMEM;
 	skb = nlmsg_new(NLMSG_GOODSIZE, GFP_ATOMIC);
 	if (skb == NULL)
-		return err;
+		goto err_parse_key_end;
 
 	err = nf_tables_fill_setelem_info(skb, ctx, ctx->seq, ctx->portid,
 					  NFT_MSG_NEWSETELEM, 0, set, &elem);
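Review bot: The new gotos in nft_get_set_elem() do not match the order of the labels added at the end of the function in the next hunk, where `err_parse_key` sits above `err_parse_key_end`. A failure after both keys were parsed (nft_setelem_get() or nlmsg_new()) jumps to `err_parse_key_end` and releases only elem.key_end.val, while a failed KEY_END parse jumps to `err_parse_key` and falls through to release the key_end that was never parsed. The unwind should mirror acquisition in reverse: put `err_parse_key_end:` with `nft_data_release(&elem.key_end.val, NFT_DATA_VALUE);` first and `err_parse_key:` with the release of elem.key.val below it, the same order this patch uses for `fail_elem_key_end`/`fail_elem` in nft_del_setelem(). If nft_data_release() does nothing for NFT_DATA_VALUE this is harmless at run time today, but the inverted order becomes a real leak as soon as the release does work. The function starts and ends outside this hunk, so whether elem is zeroed before parsing cannot be confirmed from here.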
@@ -5327,6 +5327,11 @@ static int nft_get_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 
 err_fill_setelem:
 	kfree_skb(skb);
+err_parse_key:
+	nft_data_release(&elem.key.val, NFT_DATA_VALUE);
+err_parse_key_end:
+	nft_data_release(&elem.key_end.val, NFT_DATA_VALUE);
+
 	return err;
 }
 
@@ -6272,7 +6277,7 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 		err = nft_setelem_parse_key(ctx, set, &elem.key_end.val,
 					    nla[NFTA_SET_ELEM_KEY_END]);
 		if (err < 0)
-			return err;
+			goto fail_elem;
 
 		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
 	}
@@ -6281,8 +6286,10 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 	elem.priv = nft_set_elem_init(set, &tmpl, elem.key.val.data,
 				      elem.key_end.val.data, NULL, 0, 0,
 				      GFP_KERNEL_ACCOUNT);
-	if (elem.priv == NULL)
-		goto fail_elem;
+	if (elem.priv == NULL) {
+		err = PTR_ERR(elem.priv);
+		goto fail_elem_key_end;
+	}
 
 	ext = nft_set_elem_ext(set, elem.priv);
 	if (flags)
@@ -6306,8 +6313,11 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 	kfree(trans);
 fail_trans:
 	kfree(elem.priv);
+fail_elem_key_end:
+	nft_data_release(&elem.key_end.val, NFT_DATA_VALUE);
 fail_elem:
 	nft_data_release(&elem.key.val, NFT_DATA_VALUE);
+
 	return err;
 }
 
-- 
2.30.2



* [PATCH nf,v2 2/2] netfilter: nf_tables: replace BUG_ON by element length check
  2022-07-08 10:06 [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
@ 2022-07-08 10:06 ` Pablo Neira Ayuso
  2022-07-09 14:17 ` [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
  2022-07-12 12:44 ` [PATCH nf, v2 " Dan Carpenter
  2 siblings, 0 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 10:06 UTC (permalink / raw)
  To: netfilter-devel

BUG_ON can be triggered from userspace with an element with a large
userdata area. Replace it by length check and return EINVAL instead.
Over time extensions have been growing in size.

Pick a sufficiently old Fixes: tag to propagate this fix.

Fixes: 3ac4c07a2400 ("netfilter: nf_tables: add set extensions")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: add a few missing checks for nft_set_ext_add() returned value.

 include/net/netfilter/nf_tables.h | 14 ++++---
 net/netfilter/nf_tables_api.c     | 66 ++++++++++++++++++++++---------
 2 files changed, 56 insertions(+), 24 deletions(-)

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 5c4e5a96a984..64cf655c818c 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -657,18 +657,22 @@ static inline void nft_set_ext_prepare(struct nft_set_ext_tmpl *tmpl)
 	tmpl->len = sizeof(struct nft_set_ext);
 }
 
-static inline void nft_set_ext_add_length(struct nft_set_ext_tmpl *tmpl, u8 id,
-					  unsigned int len)
+static inline int nft_set_ext_add_length(struct nft_set_ext_tmpl *tmpl, u8 id,
+					 unsigned int len)
 {
 	tmpl->len	 = ALIGN(tmpl->len, nft_set_ext_types[id].align);
-	BUG_ON(tmpl->len > U8_MAX);
+	if (tmpl->len > U8_MAX)
+		return -EINVAL;
+
 	tmpl->offset[id] = tmpl->len;
 	tmpl->len	+= nft_set_ext_types[id].len + len;
+
+	return 0;
 }
 
-static inline void nft_set_ext_add(struct nft_set_ext_tmpl *tmpl, u8 id)
+static inline int nft_set_ext_add(struct nft_set_ext_tmpl *tmpl, u8 id)
 {
-	nft_set_ext_add_length(tmpl, id, 0);
+	return nft_set_ext_add_length(tmpl, id, 0);
 }
 
 static inline void nft_set_ext_init(struct nft_set_ext *ext,
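Review bot: nft_set_ext_add_length() and nft_set_ext_add() now return an error that a caller can drop silently, and the v2 changelog shows some call sites were already missed once. Marking both `__must_check`, e.g. `static inline int __must_check nft_set_ext_add_length(...)`, would let the compiler flag any caller that still ignores the result. A short comment above the helper should state that the new test rejects only an aligned start offset above U8_MAX and does not bound the `len` added afterwards, and that on -EINVAL `tmpl->len` has already been re-aligned, so the caller must abandon the template. Whether `tmpl->len += nft_set_ext_types[id].len + len` can wrap for a large userspace-supplied `len` depends on the type of that field, which is declared outside this hunk.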
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 9b6711e2f193..0f8f0d59d2c1 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5838,8 +5838,11 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 	if (!nla[NFTA_SET_ELEM_KEY] && !(flags & NFT_SET_ELEM_CATCHALL))
 		return -EINVAL;
 
-	if (flags != 0)
-		nft_set_ext_add(&tmpl, NFT_SET_EXT_FLAGS);
+	if (flags != 0) {
+		err = nft_set_ext_add(&tmpl, NFT_SET_EXT_FLAGS);
+		if (err < 0)
+			return err;
+	}
 
 	if (set->flags & NFT_SET_MAP) {
 		if (nla[NFTA_SET_ELEM_DATA] == NULL &&
@@ -5948,7 +5951,9 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 		if (err < 0)
 			goto err_set_elem_expr;
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, set->klen);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, set->klen);
+		if (err < 0)
+			goto err_parse_key;
 	}
 
 	if (nla[NFTA_SET_ELEM_KEY_END]) {
@@ -5957,22 +5962,31 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 		if (err < 0)
 			goto err_parse_key;
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
+		if (err < 0)
+			goto err_parse_key_end;
 	}
 
 	if (timeout > 0) {
-		nft_set_ext_add(&tmpl, NFT_SET_EXT_EXPIRATION);
-		if (timeout != set->timeout)
-			nft_set_ext_add(&tmpl, NFT_SET_EXT_TIMEOUT);
+		err = nft_set_ext_add(&tmpl, NFT_SET_EXT_EXPIRATION);
+		if (err < 0)
+			goto err_parse_key_end;
+
+		if (timeout != set->timeout) {
+			err = nft_set_ext_add(&tmpl, NFT_SET_EXT_TIMEOUT);
+			if (err < 0)
+				goto err_parse_key_end;
+		}
 	}
 
 	if (num_exprs) {
 		for (i = 0; i < num_exprs; i++)
 			size += expr_array[i]->ops->size;
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_EXPRESSIONS,
-				       sizeof(struct nft_set_elem_expr) +
-				       size);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_EXPRESSIONS,
+					     sizeof(struct nft_set_elem_expr) + size);
+		if (err < 0)
+			goto err_parse_key_end;
 	}
 
 	if (nla[NFTA_SET_ELEM_OBJREF] != NULL) {
@@ -5987,7 +6001,9 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 			err = PTR_ERR(obj);
 			goto err_parse_key_end;
 		}
-		nft_set_ext_add(&tmpl, NFT_SET_EXT_OBJREF);
+		err = nft_set_ext_add(&tmpl, NFT_SET_EXT_OBJREF);
+		if (err < 0)
+			goto err_parse_key_end;
 	}
 
 	if (nla[NFTA_SET_ELEM_DATA] != NULL) {
@@ -6021,7 +6037,9 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 							  NFT_VALIDATE_NEED);
 		}
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_DATA, desc.len);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_DATA, desc.len);
+		if (err < 0)
+			goto err_parse_data;
 	}
 
 	/* The full maximum length of userdata can exceed the maximum
@@ -6031,9 +6049,12 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
 	ulen = 0;
 	if (nla[NFTA_SET_ELEM_USERDATA] != NULL) {
 		ulen = nla_len(nla[NFTA_SET_ELEM_USERDATA]);
-		if (ulen > 0)
-			nft_set_ext_add_length(&tmpl, NFT_SET_EXT_USERDATA,
-					       ulen);
+		if (ulen > 0) {
+			err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_USERDATA,
+						     ulen);
+			if (err < 0)
+				goto err_parse_data;
+		}
 	}
 
 	err = -ENOMEM;
@@ -6261,8 +6282,11 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 
 	nft_set_ext_prepare(&tmpl);
 
-	if (flags != 0)
-		nft_set_ext_add(&tmpl, NFT_SET_EXT_FLAGS);
+	if (flags != 0) {
+		err = nft_set_ext_add(&tmpl, NFT_SET_EXT_FLAGS);
+		if (err < 0)
+			return err;
+	}
 
 	if (nla[NFTA_SET_ELEM_KEY]) {
 		err = nft_setelem_parse_key(ctx, set, &elem.key.val,
@@ -6270,7 +6294,9 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 		if (err < 0)
 			return err;
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, set->klen);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, set->klen);
+		if (err < 0)
+			goto fail_elem;
 	}
 
 	if (nla[NFTA_SET_ELEM_KEY_END]) {
@@ -6279,7 +6305,9 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
 		if (err < 0)
 			goto fail_elem;
 
-		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
+		err = nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
+		if (err < 0)
+			goto fail_elem_key_end;
 	}
 
 	err = -ENOMEM;
-- 
2.30.2



* Re: [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails
  2022-07-08 10:06 [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
  2022-07-08 10:06 ` [PATCH nf,v2 2/2] netfilter: nf_tables: replace BUG_ON by element length check Pablo Neira Ayuso
@ 2022-07-09 14:17 ` Pablo Neira Ayuso
  2022-07-09 14:20   ` Pablo Neira Ayuso
  2022-07-12 12:44 ` [PATCH nf, v2 " Dan Carpenter
  2 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-09 14:17 UTC (permalink / raw)
  To: netfilter-devel

On Fri, Jul 08, 2022 at 12:06:32PM +0200, Pablo Neira Ayuso wrote:
> Call nft_data_release() to release the element keys otherwise this
> might leak chain reference counter.
> 
> Fixes: 7b225d0b5c6d ("netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute")
> Fixes: ba0e4d9917b4 ("netfilter: nf_tables: get set elements via netlink")
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> ---
> v2: coalesce two similar patches:
>     https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708084453.11066-1-pablo@netfilter.org/
>     https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708085805.12310-1-pablo@netfilter.org/

Scratch this. nft_data_release() is noop for NFT_DATA_VERDICT case.
Calling this is good for consistency, but let's schedule this patch
for nf-next instead.


* Re: [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails
  2022-07-09 14:17 ` [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
@ 2022-07-09 14:20   ` Pablo Neira Ayuso
  0 siblings, 0 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-09 14:20 UTC (permalink / raw)
  To: netfilter-devel

On Sat, Jul 09, 2022 at 04:17:30PM +0200, Pablo Neira Ayuso wrote:
> On Fri, Jul 08, 2022 at 12:06:32PM +0200, Pablo Neira Ayuso wrote:
> > Call nft_data_release() to release the element keys otherwise this
> > might leak chain reference counter.
> > 
> > Fixes: 7b225d0b5c6d ("netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute")
> > Fixes: ba0e4d9917b4 ("netfilter: nf_tables: get set elements via netlink")
> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> > ---
> > v2: coalesce two similar patches:
> >     https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708084453.11066-1-pablo@netfilter.org/
> >     https://patchwork.ozlabs.org/project/netfilter-devel/patch/20220708085805.12310-1-pablo@netfilter.org/
> 
> Scratch this. nft_data_release() is noop for NFT_DATA_VERDICT case.

s/NFT_DATA_VERDICT/NFT_DATA_VALUE

> Calling this is good for consistency, but let's schedule this patch
> for nf-next instead.


* Re: [PATCH nf, v2 1/2] netfilter: nf_tables: release element key when parser fails
  2022-07-08 10:06 [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
  2022-07-08 10:06 ` [PATCH nf,v2 2/2] netfilter: nf_tables: replace BUG_ON by element length check Pablo Neira Ayuso
  2022-07-09 14:17 ` [PATCH nf,v2 1/2] netfilter: nf_tables: release element key when parser fails Pablo Neira Ayuso
@ 2022-07-12 12:44 ` Dan Carpenter
  2 siblings, 0 replies; 5+ messages in thread
From: Dan Carpenter @ 2022-07-12 12:44 UTC (permalink / raw)
  To: kbuild, Pablo Neira Ayuso, netfilter-devel; +Cc: lkp, kbuild-all

Hi Pablo,

https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Pablo-Neira-Ayuso/netfilter-nf_tables-release-element-key-when-parser-fails/20220708-180911
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
config: x86_64-rhel-8.3-kselftests (https://download.01.org/0day-ci/archive/20220710/202207100802.TRaePFrj-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>

smatch warnings:
net/netfilter/nf_tables_api.c:6254 nft_del_setelem() warn: passing zero to 'PTR_ERR'

vim +/PTR_ERR +6254 net/netfilter/nf_tables_api.c

60319eb1ca351a Pablo Neira Ayuso 2014-04-04  6203  static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
20a69341f2d00c Patrick McHardy   2013-10-11  6204  			   const struct nlattr *attr)
20a69341f2d00c Patrick McHardy   2013-10-11  6205  {
20a69341f2d00c Patrick McHardy   2013-10-11  6206  	struct nlattr *nla[NFTA_SET_ELEM_MAX + 1];
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6207  	struct nft_set_ext_tmpl tmpl;
20a69341f2d00c Patrick McHardy   2013-10-11  6208  	struct nft_set_elem elem;
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6209  	struct nft_set_ext *ext;
60319eb1ca351a Pablo Neira Ayuso 2014-04-04  6210  	struct nft_trans *trans;
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6211  	u32 flags = 0;
20a69341f2d00c Patrick McHardy   2013-10-11  6212  	int err;
20a69341f2d00c Patrick McHardy   2013-10-11  6213  
8cb081746c031f Johannes Berg     2019-04-26  6214  	err = nla_parse_nested_deprecated(nla, NFTA_SET_ELEM_MAX, attr,
fceb6435e85298 Johannes Berg     2017-04-12  6215  					  nft_set_elem_policy, NULL);
20a69341f2d00c Patrick McHardy   2013-10-11  6216  	if (err < 0)
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6217  		return err;
20a69341f2d00c Patrick McHardy   2013-10-11  6218  
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6219  	err = nft_setelem_parse_flags(set, nla[NFTA_SET_ELEM_FLAGS], &flags);
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6220  	if (err < 0)
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6221  		return err;
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6222  
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6223  	if (!nla[NFTA_SET_ELEM_KEY] && !(flags & NFT_SET_ELEM_CATCHALL))
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6224  		return -EINVAL;
20a69341f2d00c Patrick McHardy   2013-10-11  6225  
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6226  	nft_set_ext_prepare(&tmpl);
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6227  
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6228  	if (flags != 0)
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6229  		nft_set_ext_add(&tmpl, NFT_SET_EXT_FLAGS);
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6230  
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6231  	if (nla[NFTA_SET_ELEM_KEY]) {
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6232  		err = nft_setelem_parse_key(ctx, set, &elem.key.val,
d0a11fc3dc4ab4 Patrick McHardy   2015-04-11  6233  					    nla[NFTA_SET_ELEM_KEY]);
20a69341f2d00c Patrick McHardy   2013-10-11  6234  		if (err < 0)
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6235  			return err;
20a69341f2d00c Patrick McHardy   2013-10-11  6236  
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6237  		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, set->klen);
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6238  	}
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6239  
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6240  	if (nla[NFTA_SET_ELEM_KEY_END]) {
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6241  		err = nft_setelem_parse_key(ctx, set, &elem.key_end.val,
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6242  					    nla[NFTA_SET_ELEM_KEY_END]);
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6243  		if (err < 0)
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6244  			goto fail_elem;
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6245  
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6246  		nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY_END, set->klen);
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6247  	}
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6248  
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6249  	err = -ENOMEM;
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6250  	elem.priv = nft_set_elem_init(set, &tmpl, elem.key.val.data,
7b225d0b5c6dda Pablo Neira Ayuso 2020-01-22  6251  				      elem.key_end.val.data, NULL, 0, 0,
33758c891479ea Vasily Averin     2022-03-24  6252  				      GFP_KERNEL_ACCOUNT);
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6253  	if (elem.priv == NULL) {
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08 @6254  		err = PTR_ERR(elem.priv);

err = -ENOMEM;?

0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6255  		goto fail_elem_key_end;
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6256  	}
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6257  
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6258  	ext = nft_set_elem_ext(set, elem.priv);
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6259  	if (flags)
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6260  		*nft_set_ext_flags(ext) = flags;
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6261  
60319eb1ca351a Pablo Neira Ayuso 2014-04-04  6262  	trans = nft_trans_elem_alloc(ctx, NFT_MSG_DELSETELEM, set);
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6263  	if (trans == NULL)
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6264  		goto fail_trans;
20a69341f2d00c Patrick McHardy   2013-10-11  6265  
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6266  	err = nft_setelem_deactivate(ctx->net, set, &elem, flags);
aaa31047a6d25d Pablo Neira Ayuso 2021-04-27  6267  	if (err < 0)
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6268  		goto fail_ops;
cc02e457bb86f7 Patrick McHardy   2015-03-25  6269  
f8bb7889af58d8 Pablo Neira Ayuso 2021-04-27  6270  	nft_setelem_data_deactivate(ctx->net, set, &elem);
591054469b3eef Pablo Neira Ayuso 2017-05-15  6271  
60319eb1ca351a Pablo Neira Ayuso 2014-04-04  6272  	nft_trans_elem(trans) = elem;
0854db2aaef3fc Florian Westphal  2021-04-01  6273  	nft_trans_commit_list_add_tail(ctx->net, trans);
0dc1362562a2e8 Thomas Graf       2014-08-01  6274  	return 0;
cc02e457bb86f7 Patrick McHardy   2015-03-25  6275  
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6276  fail_ops:
cc02e457bb86f7 Patrick McHardy   2015-03-25  6277  	kfree(trans);
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6278  fail_trans:
3971ca14350062 Pablo Neira Ayuso 2016-04-12  6279  	kfree(elem.priv);
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6280  fail_elem_key_end:
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6281  	nft_data_release(&elem.key_end.val, NFT_DATA_VALUE);
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6282  fail_elem:
20a1452c35425b Pablo Neira Ayuso 2020-01-22  6283  	nft_data_release(&elem.key.val, NFT_DATA_VALUE);
0973c5bfbf138f Pablo Neira Ayuso 2022-07-08  6284  
20a69341f2d00c Patrick McHardy   2013-10-11  6285  	return err;
20a69341f2d00c Patrick McHardy   2013-10-11  6286  }

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp


