mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Liping Zhang 3101e0fc1f netfilter: conntrack: protect early_drop by rcu read lock 
User can add ct entry via nfnetlink(IPCTNL_MSG_CT_NEW), and if the total
number reach the nf_conntrack_max, we will try to drop some ct entries.

But in this case(the main function call path is ctnetlink_create_conntrack
-> nf_conntrack_alloc -> early_drop), rcu_read_lock is not held, so race
with hash resize will happen.

Fixes: 242922a027 ("netfilter: conntrack: simplify early_drop")
Cc: Florian Westphal <fw@strlen.de>
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2016-07-12 16:24:22 +02:00
..
6lowpan 6lowpan: add support for 802.15.4 short addr handling 2016-06-15 20:41:24 -07:00
9p remove lots of IS_ERR_VALUE abuses 2016-05-27 15:26:11 -07:00
802
8021q net: introduce default neigh_construct/destroy ndo calls for L2 upper devices 2016-07-05 09:06:28 -07:00
appletalk appletalk: fix erroneous return value 2016-02-18 14:59:34 -05:00
atm net: add dev arg to ndo_neigh_construct/destroy 2016-07-05 09:06:28 -07:00
ax25 AX.25: Close socket connection on session completion 2016-06-18 20:55:34 -07:00
batman-adv This feature patchset includes the following changes: 2016-07-04 23:33:59 -07:00
bluetooth net: add netdev_lockdep_set_classes() helper 2016-06-09 13:28:37 -07:00
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
caif caif: Remove unneeded header file 2016-06-28 05:26:14 -04:00
can can: only call can_stat_update with procfs 2016-06-23 11:23:49 +02:00
ceph libceph: use %s instead of %pE in dout()s 2016-05-30 23:00:23 +02:00
core Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
dcb
dccp dccp: do not assume DCCP code is non preemptible 2016-05-02 17:02:25 -04:00
decnet net: fix decnet rtnexthop parsing 2016-07-05 14:08:47 -07:00
dns_resolver KEYS: Add a facility to restrict new links into a keyring 2016-04-11 22:37:37 +01:00
dsa net: dsa: Initialize CPU port ethtool ops per tree 2016-06-08 11:23:42 -07:00
ethernet eth: Pull header from first fragment via eth_get_headlen 2016-02-24 13:58:05 -05:00
hsr net/hsr: Use setup_timer and mod_timer. 2016-05-16 14:00:43 -04:00
ieee802154 net: add dev arg to ndo_neigh_construct/destroy 2016-07-05 09:06:28 -07:00
ipv4 netfilter: conntrack: fix race between nf_conntrack proc read and hash resize 2016-07-11 11:38:57 +02:00
ipv6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
ipx
irda TTY and Serial driver update for 4.7-rc1 2016-05-20 20:57:27 -07:00
iucv af_iucv: use paged SKBs for big inbound messages 2016-06-15 12:21:05 -07:00
kcm bpf: refactor bpf_prog_get and type check into helper 2016-07-01 16:00:47 -04:00
key
l2tp ipv6: use TOS marks from sockets for routing decision 2016-06-11 15:33:26 -07:00
l3mdev net: vrf: Implement get_saddr for IPv6 2016-06-17 21:25:29 -07:00
lapb net/lapb: tuse %*ph to dump buffers 2016-05-29 22:33:25 -07:00
llc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-05-09 15:59:24 -04:00
mac80211 cfg80211: Add mesh peer AID setting API 2016-07-06 15:04:52 +02:00
mac802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-03-19 10:05:34 -07:00
mpls mpls: allow routes on ipgre devices 2016-06-16 17:12:07 -07:00
netfilter netfilter: conntrack: protect early_drop by rcu read lock 2016-07-12 16:24:22 +02:00
netlabel netlabel: fix a problem with netlbl_secattr_catmap_setrng() 2016-04-05 16:10:47 -04:00
netlink net/netlink/af_netlink.h: Remove unused structure. 2016-06-09 22:26:24 -07:00
netrom
nfc nfc: nci: Add nci_nfcc_loopback to the nci core 2016-05-04 01:48:16 +02:00
openvswitch Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-06-30 05:03:36 -04:00
packet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
phonet
qrtr Merge tag 'qcom-soc-for-4.7-2' into net-next 2016-05-17 14:11:19 -04:00
rds Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
rfkill rfkill: Use switch to demux userspace operations 2016-04-05 10:48:53 +02:00
rose
rxrpc rxrpc: Kill off the rxrpc_transport struct 2016-06-22 14:00:23 +01:00
sched Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-06-30 05:03:36 -04:00
sunrpc rpc: share one xps between all backchannels 2016-06-15 10:32:25 -04:00
switchdev switchdev: pass pointer to fib_info instead of copy 2016-05-17 13:58:49 -04:00
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-06 10:35:22 -07:00
unix Merge branch 'overlayfs-af_unix-fix' into overlayfs-linus 2016-06-12 12:05:21 +02:00
vmw_vsock vsock: make listener child lock ordering explicit 2016-06-27 10:44:46 -04:00
wimax
wireless cfg80211: Add mesh peer AID setting API 2016-07-06 15:04:52 +02:00
x25 net: fix a kernel infoleak in x25 module 2016-05-09 22:45:33 -04:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-05-09 15:59:24 -04:00
Kconfig bpf: add generic constant blinding for use in jits 2016-05-16 13:49:32 -04:00
Makefile net: Add Qualcomm IPC router 2016-05-08 23:46:14 -04:00
compat.c packet: compat support for sock_fprog 2016-06-09 23:41:03 -07:00
socket.c fs: poll/select/recvmmsg: use timespec64 for timeout events 2016-05-19 19:12:14 -07:00
sysctl_net.c