Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/include/net
History
Pablo Neira Ayuso c03d278fdf netfilter: nf_tables: wait for rcu grace period on net_device removal 
8c873e2199 ("netfilter: core: free hooks with call_rcu") removed
synchronize_net() call when unregistering basechain hook, however,
net_device removal event handler for the NFPROTO_NETDEV was not updated
to wait for RCU grace period.

Note that 835b803377 ("netfilter: nf_tables_netdev: unregister hooks
on net_device removal") does not remove basechain rules on device
removal, I was hinted to remove rules on net_device removal later, see
5ebe0b0eec ("netfilter: nf_tables: destroy basechain and rules on
netdevice removal").

Although NETDEV_UNREGISTER event is guaranteed to be handled after
synchronize_net() call, this path needs to wait for rcu grace period via
rcu callback to release basechain hooks if netns is alive because an
ongoing netlink dump could be in progress (sockets hold a reference on
the netns).

Note that nf_tables_pre_exit_net() unregisters and releases basechain
hooks but it is possible to see NETDEV_UNREGISTER at a later stage in
the netns exit path, eg. veth peer device in another netns:

 cleanup_net()
  default_device_exit_batch()
   unregister_netdevice_many_notify()
    notifier_call_chain()
     nf_tables_netdev_event()
      __nft_release_basechain()

In this particular case, same rule of thumb applies: if netns is alive,
then wait for rcu grace period because netlink dump in the other netns
could be in progress. Otherwise, if the other netns is going away then
no netlink dump can be in progress and basechain hooks can be released
inmediately.

While at it, turn WARN_ON() into WARN_ON_ONCE() for the basechain
validation, which should not ever happen.

Fixes: 835b803377 ("netfilter: nf_tables_netdev: unregister hooks on net_device removal")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2024-11-07 12:28:47 +01:00
..
9p
bluetooth Bluetooth: SCO: Fix UAF on sco_sock_timeout 2024-10-23 10:20:29 -04:00
caif
iucv
libeth libeth: add Tx buffer completion helpers 2024-09-09 13:15:37 -07:00
mana Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-09-05 20:37:20 -07:00
netfilter netfilter: nf_tables: wait for rcu grace period on net_device removal 2024-11-07 12:28:47 +01:00
netns xfrm: policy: remove last remnants of pernet inexact list 2024-09-24 09:58:16 +02:00
nfc
page_pool memory-provider: dmabuf devmem memory provider 2024-09-11 20:44:31 -07:00
phonet
sctp
tc_act
6lowpan.h
Space.h
act_api.h
addrconf.h
af_ieee802154.h
af_rxrpc.h
af_unix.h
af_vsock.h
ah.h
amt.h
arp.h
atmclip.h
ax25.h
ax88796.h
bareudp.h
bond_3ad.h
bond_alb.h
bond_options.h
bonding.h bonding: change ipsec_lock from spin lock to mutex 2024-08-27 13:11:37 -07:00
bpf_sk_storage.h
busy_poll.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-08-29 11:49:10 -07:00
calipso.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cfg80211-wext.h
cfg80211.h wifi: cfg80211: Add wiphy_delayed_work_pending() 2024-10-08 21:24:00 +02:00
cfg802154.h
checksum.h
cipso_ipv4.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cls_cgroup.h
codel.h
codel_impl.h
codel_qdisc.h
compat.h
datalink.h
dcbevent.h
dcbnl.h
devlink.h
dropreason-core.h
dropreason.h
dsa.h
dsa_stubs.h
dscp.h
dsfield.h
dst.h
dst_cache.h
dst_metadata.h
dst_ops.h
eee.h
erspan.h
esp.h
espintcp.h
ethoc.h
failover.h
fib_notifier.h
fib_rules.h
firewire.h
flow.h
flow_dissector.h
flow_offload.h
fou.h
fq.h
fq_impl.h
garp.h
gen_stats.h
genetlink.h genetlink: hold RCU in genlmsg_mcast() 2024-10-15 17:52:58 -07:00
geneve.h
gre.h
gro.h
gro_cells.h
gso.h
gtp.h
gue.h
handshake.h
hotdata.h
hwbm.h
icmp.h
ieee8021q.h
ieee80211_radiotap.h wireless fixes for v6.12-rc5 2024-10-25 10:44:41 +01:00
ieee802154_netdev.h
if_inet6.h
ife.h
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h
inet_connection_sock.h
inet_dscp.h
inet_ecn.h
inet_frag.h
inet_hashtables.h
inet_sock.h
inet_timewait_sock.h tcp: remove volatile qualifier on tw_substate 2024-08-28 17:08:16 -07:00
inetpeer.h
ioam6.h
ip.h ipv4: Unmask upper DSCP bits in get_rttos() 2024-08-31 17:44:51 +01:00
ip6_checksum.h
ip6_fib.h
ip6_route.h
ip6_tunnel.h
ip_fib.h ipv4: Fix user space build failure due to header change 2024-09-04 16:40:33 -07:00
ip_tunnels.h ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() 2024-10-29 11:12:25 -07:00
ip_vs.h
ipcomp.h
ipconfig.h
ipv6.h
ipv6_frag.h
ipv6_stubs.h
iw_handler.h wifi: cfg80211: wext: Update spelling and grammar 2024-09-03 11:49:27 +02:00
kcm.h
l3mdev.h
lag.h
lapb.h
lib80211.h
llc.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h
mac80211.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
mac802154.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
macsec.h
mctp.h mctp: Handle error of rtnl_register_module(). 2024-10-10 15:39:35 +02:00
mctpdevice.h
mip6.h
mld.h
mpls.h
mpls_iptunnel.h
mptcp.h mptcp: fallback to TCP after SYN+MPC drops 2024-09-11 15:57:50 -07:00
mrp.h
ncsi.h
ndisc.h
neighbour.h
net_debug.h
net_failover.h
net_namespace.h
net_ratelimit.h
net_trackers.h
netdev_queues.h
netdev_rx_queue.h memory-provider: fix compilation issue without SYSFS 2024-09-12 21:00:26 -07:00
netevent.h
netkit.h
netlabel.h
netlink.h
netmem.h page_pool: devmem support 2024-09-11 20:44:31 -07:00
netprio_cgroup.h
netrom.h
nexthop.h
nl802154.h ieee802154: Correct spelling in nl802154.h 2024-08-30 22:30:55 +02:00
nsh.h
p8022.h
pfcp.h
pie.h
ping.h
pkt_cls.h
pkt_sched.h
pptp.h
proto_memory.h
protocol.h
psample.h
psnap.h
raw.h
rawv6.h
red.h
regulatory.h
request_sock.h
rose.h
route.h xfrm: Unmask upper DSCP bits in xfrm_get_tos() 2024-08-31 17:44:51 +01:00
rpl.h
rps.h
rsi_91x.h
rstreason.h
rtnetlink.h rtnetlink: Add bulk registration helpers for rtnetlink message handlers. 2024-10-10 15:39:35 +02:00
rtnh.h
sch_generic.h net/sched: accept TCA_STAB only for root qdisc 2024-10-08 15:38:56 -07:00
scm.h
secure_seq.h
seg6.h
seg6_hmac.h
seg6_local.h
selftests.h
slhc_vj.h
smc.h
snmp.h
sock.h BPF fixes: 2024-10-18 16:27:14 -07:00
sock_reuseport.h
stp.h
strparser.h
switchdev.h
tc_wrapper.h
tcp.h tcp: check skb is non-NULL in tcp_rto_delta_us() 2024-09-23 11:43:09 +01:00
tcp_ao.h
tcp_states.h
tcx.h
timewait_sock.h
tipc.h
tls.h
tls_prot.h
tls_toe.h
transp_v6.h
tso.h
tun_proto.h
udp.h
udp_tunnel.h
udplite.h
vsock_addr.h
vxlan.h
wext.h
x25.h
x25device.h
xdp.h
xdp_priv.h
xdp_sock.h
xdp_sock_drv.h
xfrm.h xfrm: respect ip protocols rules criteria when performing dst lookups 2024-09-23 07:02:07 +02:00
xsk_buff_pool.h