mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-26 19:00:25 +00:00
Code Issues Releases Wiki Activity
linux-stable/include/net
History
Pablo Neira Ayuso ce75dd3abb netfilter: nf_tables: autoload modules from the abort path 
commit eb014de4fd upstream.

This patch introduces a list of pending module requests. This new module
list is composed of nft_module_request objects that contain the module
name and one status field that tells if the module has been already
loaded (the 'done' field).

In the first pass, from the preparation phase, the netlink command finds
that a module is missing on this list. Then, a module request is
allocated and added to this list and nft_request_module() returns
-EAGAIN. This triggers the abort path with the autoload parameter set on
from nfnetlink, request_module() is called and the module request enters
the 'done' state. Since the mutex is released when loading modules from
the abort phase, the module list is zapped so this is iteration occurs
over a local list. Therefore, the request_module() calls happen when
object lists are in consistent state (after fulling aborting the
transaction) and the commit list is empty.

On the second pass, the netlink command will find that it already tried
to load the module, so it does not request it again and
nft_request_module() returns 0. Then, there is a look up to find the
object that the command was missing. If the module was successfully
loaded, the command proceeds normally since it finds the missing object
in place, otherwise -ENOENT is reported to userspace.

This patch also updates nfnetlink to include the reason to enter the
abort phase, which is required for this new autoload module rationale.

Fixes: ec7470b834 ("netfilter: nf_tables: store transaction list locally while requesting module")
Reported-by: syzbot+29125d208b3dae9a7019@syzkaller.appspotmail.com
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-01-29 16:45:33 +01:00
..
9p treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 188 2019-05-30 11:29:21 -07:00
bluetooth Bluetooth: Add support for utilizing Fast Advertising Interval 2019-09-05 17:27:21 +02:00
caif treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
iucv net/af_iucv: locate IUCV header via skb_network_header() 2018-09-26 09:56:07 -07:00
netfilter netfilter: nf_tables: Align nft_expr private data to 64-bit 2019-11-04 20:58:32 +01:00
netns netfilter: nf_tables: autoload modules from the abort path 2020-01-29 16:45:33 +01:00
nfc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
phonet treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336 2019-06-05 17:37:07 +02:00
sctp sctp: cache netns in sctp_ep_common 2019-12-04 22:30:57 +01:00
tc_act net: sched: take reference to psample group in flow_action infra 2019-09-16 09:18:03 +02:00
6lowpan.h
act_api.h net: sched: use get_dev() action API in flow_action infra 2019-09-16 09:18:03 +02:00
addrconf.h ipv6: Fix return value of ipv6_mc_may_pull() for malformed packets 2019-08-19 17:19:46 -07:00
af_ieee802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
af_rxrpc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
af_unix.h net: split out functions related to registering inflight socket files 2019-02-28 08:24:23 -07:00
af_vsock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 321 2019-06-05 17:37:05 +02:00
ah.h
arp.h net: avoid potential false sharing in neighbor related code 2019-12-31 16:45:03 +01:00
atmclip.h
ax25.h ax25: fix possible use-after-free 2019-01-23 11:18:00 -08:00
ax88796.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
bond_3ad.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 90 2019-05-24 17:37:53 +02:00
bond_alb.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 5 2019-05-21 11:28:40 +02:00
bond_options.h bonding: add an option to specify a delay between peer notifications 2019-07-04 12:30:48 -07:00
bonding.h bonding: fix state transition issue in link monitoring 2019-11-05 17:40:16 -08:00
bpf_sk_storage.h bpf: support cloning sk storage on accept() 2019-08-17 23:18:54 +02:00
busy_poll.h net: annotate lockless accesses to sk->sk_napi_id 2019-10-30 17:34:35 -07:00
calipso.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
cfg80211-wext.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cfg80211.h mac80211: fix scan when operating on DFS channels in ETSI domains 2019-10-07 22:10:50 +02:00
cfg802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
checksum.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cipso_ipv4.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
cls_cgroup.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
codel.h
codel_impl.h
codel_qdisc.h
compat.h net: rework SIOCGSTAMP ioctl handling 2019-04-19 14:07:40 -07:00
datalink.h
dcbevent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
dcbnl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
devlink.h devlink: disallow reload operation during device cleanup 2019-11-09 19:38:36 -08:00
dn.h
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
dn_route.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
drop_monitor.h drop_monitor: Add basic infrastructure for hardware drops 2019-08-17 12:40:08 -07:00
dsa.h net: dsa: Pass ndo_setup_tc slave callback to drivers 2019-09-16 21:32:57 +02:00
dsfield.h
dst.h net/dst: do not confirm neighbor for vxlan and geneve pmtu update 2020-01-04 19:19:05 +01:00
dst_cache.h
dst_metadata.h
dst_ops.h net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:18:58 +01:00
erspan.h
esp.h
ethoc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
failover.h
fib_notifier.h net: fib: drop include of module.h from fib_notifier.h 2019-04-22 21:50:53 -07:00
fib_rules.h net: fib_rules: do not flow dissect local packets 2019-07-11 14:22:53 -07:00
firewire.h
flow.h route: Add multipath_hash in flowi_common to make user-define hash 2019-02-27 12:50:17 -08:00
flow_dissector.h cls_flower: Fix the behavior using port ranges with hw-offload 2019-12-18 16:08:49 +01:00
flow_offload.h net: core: rename indirect block ingress cb function 2019-12-18 16:08:47 +01:00
fou.h
fq.h net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
fq_impl.h net/fq_impl: Switch to kvmalloc() for memory allocation 2019-11-08 09:11:49 +01:00
garp.h
gen_stats.h net: align gnet_stats_basic_cpu struct 2018-11-17 21:37:29 -08:00
genetlink.h genetlink: optionally validate strictly/dumps 2019-04-27 17:07:22 -04:00
geneve.h net: Move the definition of the default Geneve udp port to public header file 2019-03-22 12:09:31 -07:00
gre.h net: Add netif_is_gretap()/netif_is_ip6gretap() 2018-12-10 15:53:04 -08:00
gro_cells.h
gtp.h
gue.h net:gue.h:Fix shifting signed 32-bit value by 31 bits problem 2019-07-01 10:58:23 -07:00
hwbm.h net: hwbm: if CONFIG_NET_HWBM unset, make stub functions static 2019-10-25 16:24:32 -07:00
icmp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ieee80211_radiotap.h wireless-drivers-next patches for 5.1 2019-02-22 12:56:24 -08:00
ieee802154_netdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
if_inet6.h ipv6: shrink struct ipv6_mc_socklist 2019-08-28 14:43:03 -07:00
ife.h net: ife: drop include of module.h from net/ife.h 2019-04-22 21:50:53 -07:00
ila.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet6_connection_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet6_hashtables.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet_common.h inet: factor out inet_send_prepare() 2019-07-03 13:51:54 -07:00
inet_connection_sock.h net/tls: use RCU protection on icsk->icsk_ulp_data 2019-08-31 23:44:28 -07:00
inet_ecn.h inet: Refactor INET_ECN_decapsulate() 2018-10-17 17:45:07 -07:00
inet_frag.h inet: frags: re-introduce skb coalescing for local delivery 2019-08-08 15:55:10 -07:00
inet_hashtables.h tcp/dccp: fix possible race __inet_lookup_established() 2020-01-04 19:19:13 +01:00
inet_sock.h ip: support SO_MARK cmsg 2019-09-13 21:44:19 +02:00
inet_timewait_sock.h tcp: honor SO_PRIORITY in TIME_WAIT state 2019-09-27 12:05:02 +02:00
inetpeer.h net: ipv4: use a dedicated counter for icmp_v4 redirect packets 2019-02-08 21:50:15 -08:00
ip.h inet: protect against too small mtu values. 2019-12-18 16:08:17 +01:00
ip6_checksum.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ip6_fib.h ipv6: Dump route exceptions if requested 2019-06-24 10:18:49 -07:00
ip6_route.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-27 21:06:39 -07:00
ip6_tunnel.h ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL 2019-06-18 20:48:45 -04:00
ip_fib.h net: Properly update v4 routes with v6 nexthop 2019-09-05 12:35:58 +02:00
ip_tunnels.h route: Add multipath_hash in flowi_common to make user-define hash 2019-02-27 12:50:17 -08:00
ip_vs.h ipvs: move old_secure_tcp into struct netns_ipvs 2019-10-24 11:56:02 +02:00
ipcomp.h
ipconfig.h
ipv6.h net: ipv6: add net argument to ip6_dst_lookup_flow 2019-12-18 16:08:40 +01:00
ipv6_frag.h inet: fix various use-after-free in defrags units 2019-06-19 11:37:47 -04:00
ipv6_stubs.h net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup 2019-12-18 16:08:42 +01:00
ipx.h
iw_handler.h
kcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
l3mdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
lag.h net: Add lag.h, net_lag_port_dev_txable() 2018-07-11 23:10:19 -07:00
lapb.h
lib80211.h
llc.h llc: avoid blocking in llc_sap_close() 2018-09-13 09:04:58 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: fix sk_buff leak in llc_conn_service() 2019-10-08 13:23:05 -07:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h lwtunnel: Pass encap and encap type attributes to lwtunnel_fill_encap 2019-04-23 19:42:29 -07:00
mac80211.h mac80211: allow drivers to set max MTU 2019-09-11 09:33:29 +02:00
mac802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
mip6.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
mld.h
mpls.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
mpls_iptunnel.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
mrp.h
ncsi.h
ndisc.h net: avoid potential false sharing in neighbor related code 2019-12-31 16:45:03 +01:00
neighbour.h net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
net_failover.h
net_namespace.h netns: fix GFP flags in rtnl_net_notifyid() 2019-10-25 20:14:42 -07:00
net_ratelimit.h
netevent.h net: ipv4: Notify about changes to ip_forward_update_priority 2018-08-01 09:52:30 -07:00
netlabel.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
netlink.h netlink: Fix nlmsg_parse as a wrapper for strict message parsing 2019-08-13 20:37:16 -07:00
netprio_cgroup.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
netrom.h net: netrom: Fix error cleanup path of nr_proto_init 2019-04-11 13:59:49 -07:00
nexthop.h net: Properly update v4 routes with v6 nexthop 2019-09-05 12:35:58 +02:00
nl802154.h
nsh.h
p8022.h
page_pool.h page_pool: do not release pool until inflight == 0. 2019-12-18 16:09:07 +01:00
ping.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pkt_cls.h net: sched: take reference to action dev before calling offloads 2019-08-26 14:17:43 -07:00
pkt_sched.h Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2019-09-17 23:51:10 +02:00
pptp.h
protocol.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
psample.h net: sched: take reference to psample group in flow_action infra 2019-09-16 09:18:03 +02:00
psnap.h
raw.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rawv6.h
red.h
regulatory.h cfg80211: make wmm_rule part of the reg_rule structure 2018-08-28 11:11:47 +02:00
request_sock.h net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head 2019-10-09 21:34:31 -07:00
rose.h
route.h ipv4: Revert removal of rt_uses_gateway 2019-09-20 18:23:33 -07:00
rsi_91x.h
rtnetlink.h net: Add extack argument to rtnl_create_link 2018-11-06 15:00:45 -08:00
rtnh.h net: Rename net/nexthop.h net/rtnh.h 2019-04-22 21:47:25 -07:00
sch_generic.h net/sched: annotate lockless accesses to qdisc->empty 2020-01-09 10:20:02 +01:00
scm.h pids: Compute task_tgid using signal->leader_pid 2018-07-21 10:43:12 -05:00
secure_seq.h
seg6.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6_hmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6_local.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
slhc_vj.h
smc.h net/smc: add smcd support to the pnet table 2019-02-21 10:34:37 -08:00
snmp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sock.h net: annotate lockless accesses to sk->sk_pacing_shift 2020-01-09 10:20:07 +01:00
sock_reuseport.h udp: correct reuseport selection with connected sockets 2019-09-16 09:02:18 +02:00
Space.h
stp.h
strparser.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
switchdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tcp.h bpf: Sockmap/tls, push write_space updates through ulp updates 2020-01-23 08:22:45 +01:00
tcp_states.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
timewait_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tipc.h
tls.h net/tls: use sg_next() to walk sg entries 2019-12-04 22:31:02 +01:00
transp_v6.h ipv6: fold sockcm_cookie into ipcm6_cookie 2018-07-07 10:58:49 +09:00
tso.h
tun_proto.h
udp.h udp: Remove unlikely() from IS_ERR*() condition 2019-08-30 19:49:37 -07:00
udp_tunnel.h ipv6: Move ipv6 stubs to a separate header file 2019-03-29 10:53:45 -07:00
udplite.h
vsock_addr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 321 2019-06-05 17:37:05 +02:00
vxlan.h vxlan: add adjacent link to limit depth level 2019-10-24 14:53:49 -07:00
wext.h
wimax.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 268 2019-06-05 17:30:29 +02:00
x25.h
x25device.h
xdp.h xdp: page_pool related fix to cpumap 2019-06-19 11:23:13 -04:00
xdp_priv.h page_pool: do not release pool until inflight == 0. 2019-12-18 16:09:07 +01:00
xdp_sock.h xsk: add support to allow unaligned chunk placement 2019-08-31 01:08:26 +02:00
xfrm.h xfrm interface: fix management of phydev 2019-07-17 10:03:54 +02:00