OpenCloudOS-Kernel/net/openvswitch
Hyunwoo Kim eaa5e164a2 net: openvswitch: Fix Use-After-Free in ovs_ct_exit
[ Upstream commit 5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 ]

Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal
of ovs_ct_limit_exit, is not part of the RCU read critical section, it
is possible that the RCU grace period will pass during the traversal and
the key will be free.

To prevent this, it should be changed to hlist_for_each_entry_safe.

Fixes: 11efd5cb04 ("openvswitch: Support conntrack zone limit")
Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Aaron Conole <aconole@redhat.com>
Link: https://lore.kernel.org/r/ZiYvzQN/Ry5oeFQW@v4bel-B760M-AORUS-ELITE-AX
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-05-02 16:32:38 +02:00
..
Kconfig net: create nf_conntrack_ovs for ovs and tc use 2023-02-10 16:23:03 -08:00
Makefile openvswitch: add trace points 2021-06-22 10:47:32 -07:00
actions.c net: openvswitch: add misc error drop reasons 2023-08-14 08:01:06 +01:00
conntrack.c net: openvswitch: Fix Use-After-Free in ovs_ct_exit 2024-05-02 16:32:38 +02:00
conntrack.h net/sched: act_api: fix miss set post_ct for ovs after do conntrack in act_ct 2021-03-16 15:22:18 -07:00
datapath.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-08-18 12:44:56 -07:00
datapath.h net/sched: Enable tc skb ext allocation on chain miss only when needed 2022-02-05 10:12:53 +00:00
dp_notify.c net: openvswitch: use netif_ovs_is_port() instead of opencode 2019-07-08 15:53:25 -07:00
drop.h net: openvswitch: add misc error drop reasons 2023-08-14 08:01:06 +01:00
flow.c net/sched: cls_api: Support hardware miss to tc action 2023-02-20 16:46:10 -08:00
flow.h net: openvswitch: reduce cpu_used_mask memory 2023-02-06 22:36:29 -08:00
flow_netlink.c net: openvswitch: limit the number of recursions from action sets 2024-02-23 09:24:51 +01:00
flow_netlink.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 269 2019-06-05 17:30:29 +02:00
flow_table.c There is no particular theme here - mainly quick hits all over the tree. 2023-02-23 17:55:40 -08:00
flow_table.h net: openvswitch: fix to make sure flow_lookup() is not preempted 2020-10-18 12:29:36 -07:00
meter.c genetlink: remove userhdr from struct genl_info 2023-08-15 14:54:44 -07:00
meter.h net: openvswitch: use u64 for meter bucket 2020-04-23 18:26:11 -07:00
openvswitch_trace.c openvswitch: add trace points 2021-06-22 10:47:32 -07:00
openvswitch_trace.h openvswitch: add trace points 2021-06-22 10:47:32 -07:00
vport-geneve.c rtnetlink: Honour NLM_F_ECHO flag in rtnl_delete_link 2022-10-31 18:10:21 -07:00
vport-gre.c rtnetlink: Honour NLM_F_ECHO flag in rtnl_delete_link 2022-10-31 18:10:21 -07:00
vport-internal_dev.c openvswitch: Change the return type for vport_ops.send function hook to int 2022-09-19 18:28:50 -07:00
vport-internal_dev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 269 2019-06-05 17:30:29 +02:00
vport-netdev.c rtnetlink: Honour NLM_F_ECHO flag in rtnl_delete_link 2022-10-31 18:10:21 -07:00
vport-netdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 269 2019-06-05 17:30:29 +02:00
vport-vxlan.c rtnetlink: Honour NLM_F_ECHO flag in rtnl_delete_link 2022-10-31 18:10:21 -07:00
vport.c net: openvswitch: fix upcall counter access before allocation 2023-06-07 12:25:05 +01:00
vport.h net: openvswitch: Add support to count upcall packets 2022-12-09 10:43:46 +00:00