projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f188d30)
netfilter: nf_tables: unbind non-anonymous set if rule construction fails
authorPablo Neira Ayuso <pablo@netfilter.org>
Sun, 25 Jun 2023 22:42:18 +0000 (00:42 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 26 Jun 2023 15:18:55 +0000 (17:18 +0200)
Otherwise a dangling reference to a rule object that is gone remains
in the set binding list.

Fixes: 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c patch | blob | history

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 4c7937fd803f9fdd72525ebcb63df0652552bf4d..1d64c163076a12339599e94af7fb75f07b93b39f 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5343,6 +5343,8 @@ void nf_tables_deactivate_set(const struct nft_ctx *ctx, struct nft_set *set,
                nft_set_trans_unbind(ctx, set);
                if (nft_set_is_anonymous(set))
                        nft_deactivate_next(ctx->net, set);
+               else
+                       list_del_rcu(&binding->list);
 
                set->use--;
                break;
ep93xx device tree rework repo: git://git.maquefel.me/linux.git