git.baikalelectronics.ru Git - kernel.git/commit

author	Florian Westphal <fw@strlen.de>
	Thu, 2 Aug 2018 19:44:41 +0000 (21:44 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 16 Aug 2018 17:37:03 +0000 (19:37 +0200)
commit	ba160e46cf925dd558abf18dcc5273fba29bb107
tree	f3111dac7df6aa291d8d8b60dcb50f5a508c9d70	tree \| snapshot
parent	21ab8eea972477aea4f7503a240bd67f87816caf	commit \| diff

netfilter: nf_tables: don't prevent event handler from device cleanup on netns exit

When a netnsamespace exits, the nf_tables pernet_ops will remove all rules.
However, there is one caveat:

Base chains that register ingress hooks will cause use-after-free:
device is already gone at that point.

The device event handlers prevent this from happening:
netns exit synthesizes unregister events for all devices.

However, an improper fix for a race condition made the notifiers a no-op
in case they get called from netns exit path, so revert that part.

This is safe now as the previous patch fixed nf_tables pernet ops
and device notifier initialisation ordering.

Fixes: d1dda797fdea2 ("netfilter: nf_tables: close race between netns exit and rmmod")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/netfilter/nf_tables_api.c		diff \| blob \| history
net/netfilter/nft_chain_filter.c		diff \| blob \| history