Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/include/net
History
Florian Westphal 4a02426787 netfilter: tproxy: fix deadlock due to missing BH disable 
The xtables packet traverser performs an unconditional local_bh_disable(),
but the nf_tables evaluation loop does not.

Functions that are called from either xtables or nftables must assume
that they can be called in process context.

inet_twsk_deschedule_put() assumes that no softirq interrupt can occur.
If tproxy is used from nf_tables its possible that we'll deadlock
trying to aquire a lock already held in process context.

Add a small helper that takes care of this and use it.

Link: https://lore.kernel.org/netfilter-devel/401bd6ed-314a-a196-1cdc-e13c720cc8f2@balasys.hu/
Fixes: 4ed8eb6570 ("netfilter: nf_tables: Add native tproxy support")
Reported-and-tested-by: Major Dávid <major.david@balasys.hu>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2023-03-06 12:09:48 +01:00
..
9p
bluetooth
caif
iucv
mana
netfilter netfilter: tproxy: fix deadlock due to missing BH disable 2023-03-06 12:09:48 +01:00
netns Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2023-02-22 21:25:23 -08:00
nfc
phonet
sctp sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop 2023-02-23 12:59:40 -08:00
tc_act
6lowpan.h
Space.h
act_api.h net/sched: Rename user cookie and act cookie 2023-02-20 16:46:10 -08:00
addrconf.h
af_ieee802154.h
af_rxrpc.h
af_unix.h
af_vsock.h
ah.h
amt.h
arp.h
atmclip.h
ax25.h
ax88796.h
bareudp.h
bond_3ad.h
bond_alb.h
bond_options.h
bonding.h
bpf_sk_storage.h
busy_poll.h
calipso.h
cfg80211-wext.h
cfg80211.h
cfg802154.h
checksum.h
cipso_ipv4.h
cls_cgroup.h
codel.h
codel_impl.h
codel_qdisc.h
compat.h
datalink.h
dcbevent.h
dcbnl.h
devlink.h
dropreason.h ipv6: icmp6: add SKB_DROP_REASON_IPV6_NDISC_NS_OTHERHOST 2023-02-20 08:54:23 +00:00
dsa.h
dsfield.h
dst.h
dst_cache.h
dst_metadata.h
dst_ops.h
erspan.h
esp.h
espintcp.h
ethoc.h
failover.h
fib_notifier.h
fib_rules.h
firewire.h
flow.h
flow_dissector.h
flow_offload.h net/sched: cls_api: Support hardware miss to tc action 2023-02-20 16:46:10 -08:00
fou.h
fq.h
fq_impl.h
garp.h
gen_stats.h
genetlink.h
geneve.h
gre.h
gro.h
gro_cells.h
gtp.h
gue.h
hwbm.h
icmp.h
ieee80211_radiotap.h
ieee802154_netdev.h
if_inet6.h
ife.h
ila.h
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h
inet_connection_sock.h
inet_dscp.h
inet_ecn.h
inet_frag.h
inet_hashtables.h
inet_sock.h
inet_timewait_sock.h
inetpeer.h
ioam6.h
ip.h
ip6_checksum.h
ip6_fib.h
ip6_route.h
ip6_tunnel.h
ip_fib.h
ip_tunnels.h
ip_vs.h
ipcomp.h
ipconfig.h
ipv6.h
ipv6_frag.h
ipv6_stubs.h
iw_handler.h
kcm.h
l3mdev.h
lag.h
lapb.h
lib80211.h
llc.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h
mac80211.h
mac802154.h
macsec.h
mctp.h
mctpdevice.h
mip6.h
mld.h
mpls.h
mpls_iptunnel.h
mptcp.h
mrp.h
ncsi.h
ndisc.h
neighbour.h
net_debug.h
net_failover.h
net_namespace.h
net_ratelimit.h
net_trackers.h
netevent.h
netlabel.h
netlink.h
netprio_cgroup.h
netrom.h
nexthop.h
nl802154.h
nsh.h
p8022.h
page_pool.h page_pool: add a comment explaining the fragment counter usage 2023-02-21 09:15:39 -08:00
pie.h
ping.h
pkt_cls.h net/sched: cls_api: Support hardware miss to tc action 2023-02-20 16:46:10 -08:00
pkt_sched.h
pptp.h
protocol.h
psample.h
psnap.h
raw.h
rawv6.h
red.h
regulatory.h
request_sock.h
rose.h
route.h
rpl.h
rsi_91x.h
rtnetlink.h
rtnh.h
sch_generic.h net/sched: cls_api: Support hardware miss to tc action 2023-02-20 16:46:10 -08:00
scm.h
secure_seq.h
seg6.h
seg6_hmac.h
seg6_local.h
selftests.h
slhc_vj.h
smc.h
snmp.h
sock.h
sock_reuseport.h
stp.h
strparser.h
switchdev.h
tc_wrapper.h
tcp.h
tcp_states.h
timewait_sock.h
tipc.h
tls.h
tls_toe.h
transp_v6.h
tso.h
tun_proto.h
udp.h
udp_tunnel.h
udplite.h
vsock_addr.h
vxlan.h
wext.h
x25.h
x25device.h
xdp.h
xdp_priv.h
xdp_sock.h
xdp_sock_drv.h
xfrm.h
xsk_buff_pool.h