Florian Westphal e6d57e9ff0 netfilter: conntrack: fix rmmod double-free race
nf_conntrack_hash_check_insert() callers free the ct entry directly, via
nf_conntrack_free.

This isn't safe anymore because
nf_conntrack_hash_check_insert() might place the entry into the conntrack
table and then delete the entry again because it found that a conntrack
extension has been removed at the same time.

In this case, the just-added entry is removed again and an error is
returned to the caller.

Problem is that another cpu might have picked up this entry and
incremented its reference count.

This results in a use-after-free/double-free, once by the other cpu and
once by the caller of nf_conntrack_hash_check_insert().

Fix this by making nf_conntrack_hash_check_insert() not fail anymore
after the insertion, just like before the 'Fixes' commit.

This is safe because a racing nf_ct_iterate() has to wait for us
to release the conntrack hash spinlocks.

While at it, make the function return -EAGAIN in the rmmod (genid
changed) case, this makes nfnetlink replay the command (suggested
by Pablo Neira).

Fixes: c56716c69c ("netfilter: extensions: introduce extension genid count")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-02-22 00:19:38 +01:00
arch ARM: SoC fixes for 6.2, part 3 2023-02-02 13:02:45 -08:00
block block-6.2-2023-01-20 2023-01-20 12:44:41 -08:00
certs certs: make system keyring depend on built-in x509 parser 2022-09-24 04:31:18 +09:00
crypto This update includes the following changes: 2022-12-14 12:31:09 -08:00
Documentation Including fixes from bpf, can and netfilter. 2023-02-02 14:03:31 -08:00
drivers net: mscc: ocelot: fix VCAP filters not matching on MAC with "protocol 802.1Q" 2023-02-07 12:20:21 +01:00
fs fscache: Use clear_and_wake_up_bit() in fscache_create_volume_work() 2023-01-30 12:51:54 +00:00
include uapi: add missing ip/ipv6 header dependencies for linux/stddef.h 2023-02-06 09:01:00 +00:00
init Kbuild fixes for v6.2 (3rd) 2023-01-21 10:56:37 -08:00
io_uring io_uring: always prep_async for drain requests 2023-01-27 06:29:29 -07:00
ipc Non-MM patches for 6.2-rc1. 2022-12-12 17:28:58 -08:00
kernel Including fixes from bpf, can and netfilter. 2023-02-02 14:03:31 -08:00
lib linux-kselftest-kunit-fixes-6.2-rc7 2023-02-02 13:08:18 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm Revert "mm/compaction: fix set skip in fast_find_migrateblock" 2023-01-29 10:38:43 -08:00
net netfilter: conntrack: fix rmmod double-free race 2023-02-22 00:19:38 +01:00
rust rust: print: avoid evaluating arguments in pr_* macros in unsafe blocks 2023-01-16 00:54:35 +01:00
samples ftrace: Export ftrace_free_filter() to modules 2023-01-24 11:20:58 -05:00
scripts Fix up more non-executable files marked executable 2023-01-28 11:17:57 -08:00
security tomoyo: Update website link 2023-01-13 23:11:38 +09:00
sound sound fixes for 6.2-rc7 2023-02-01 10:26:23 -08:00
tools selftests: ocelot: tc_flower_chains: make test_vlan_ingress_modify() more comprehensive 2023-02-07 12:20:21 +01:00
usr usr/gen_init_cpio.c: remove unnecessary -1 values from int file 2022-10-03 14:21:44 -07:00
virt VFIO fixes for v6.2-rc6 2023-01-23 11:56:07 -08:00
.clang-format iommufd for 6.2 2022-12-14 09:15:43 -08:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore *.rpm 2022-12-30 17:22:14 +09:00
.mailmap mailmap: add John Crispin's entry 2023-02-02 11:35:33 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: update SCTP maintainers 2023-02-02 11:35:33 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Including fixes from bpf, can and netfilter. 2023-02-02 14:03:31 -08:00
Makefile Linux 6.2-rc6 2023-01-29 13:59:43 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.