hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/net/netfilter
History
Cong Wang 99b79c3900 netfilter: xt_hashlimit: unregister proc file before releasing mutex 
Before releasing the global mutex, we only unlink the hashtable
from the hash list, its proc file is still not unregistered at
this point. So syzbot could trigger a race condition where a
parallel htable_create() could register the same file immediately
after the mutex is released.

Move htable_remove_proc_entry() back to mutex protection to
fix this. And, fold htable_destroy() into htable_put() to make
the code slightly easier to understand.

Reported-and-tested-by: syzbot+d195fd3b9a364ddd6731@syzkaller.appspotmail.com
Fixes: c4a3922d2d ("netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()")
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2020-02-26 23:25:07 +01:00
..
ipset netfilter: ipset: Fix forceadd evaluation path 2020-02-22 12:13:45 +01:00
ipvs ipvs: fix spelling mistake "to" -> "too" 2020-01-24 08:12:06 +01:00
Kconfig
Makefile nf_tables: Add set type for arbitrary concatenation of ranges 2020-01-27 08:54:30 +01:00
core.c
nf_conncount.c
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
nf_conntrack_core.c netfilter: conntrack: allow insertion of clashing entries 2020-02-17 10:55:14 +01:00
nf_conntrack_ecache.c
nf_conntrack_expect.c
nf_conntrack_extend.c netfilter: conntrack: remove two export symbols 2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c
nf_conntrack_h323_types.c
nf_conntrack_helper.c
nf_conntrack_irc.c
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c
nf_conntrack_pptp.c
nf_conntrack_proto.c
nf_conntrack_proto_dccp.c netfilter: conntrack: dccp, sctp: handle null timeout argument 2020-01-08 23:31:22 +01:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c
nf_conntrack_proto_icmp.c
nf_conntrack_proto_icmpv6.c
nf_conntrack_proto_sctp.c netfilter: conntrack: sctp: use distinct states for new SCTP connections 2020-01-24 18:26:53 +01:00
nf_conntrack_proto_tcp.c
nf_conntrack_proto_udp.c netfilter: conntrack: allow insertion of clashing entries 2020-02-17 10:55:14 +01:00
nf_conntrack_sane.c
nf_conntrack_seqadj.c
nf_conntrack_sip.c
nf_conntrack_snmp.c
nf_conntrack_standalone.c
nf_conntrack_tftp.c
nf_conntrack_timeout.c
nf_conntrack_timestamp.c
nf_dup_netdev.c
nf_flow_table_core.c netfilter: flowtable: Fix missing flush hardware on table free 2020-01-31 19:31:41 +01:00
nf_flow_table_inet.c
nf_flow_table_ip.c netfilter: flowtable: refresh flow if hardware offload fails 2020-01-16 15:51:52 +01:00
nf_flow_table_offload.c netfilter: flowtable: skip offload setup if disabled 2020-02-07 15:53:32 +01:00
nf_internals.h
nf_log.c
nf_log_common.c
nf_log_netdev.c
nf_nat_amanda.c
nf_nat_core.c
nf_nat_ftp.c
nf_nat_helper.c
nf_nat_irc.c
nf_nat_masquerade.c
nf_nat_proto.c netfilter: nat: fix ICMP header corruption on ICMP errors 2020-01-16 15:08:25 +01:00
nf_nat_redirect.c
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c netfilter: nf_queue: enqueue skbs with NULL dst 2019-12-07 19:53:00 +01:00
nf_sockopt.c
nf_synproxy_core.c
nf_tables_api.c netfilter: nf_tables: Support for sets with multiple ranged fields 2020-01-27 08:54:30 +01:00
nf_tables_core.c
nf_tables_offload.c netfilter: nf_tables_offload: fix check the chain offload flag 2020-01-24 20:54:11 +01:00
nf_tables_set_core.c nf_tables: Add set type for arbitrary concatenation of ranges 2020-01-27 08:54:30 +01:00
nf_tables_trace.c
nfnetlink.c netfilter: nf_tables: autoload modules from the abort path 2020-01-24 20:54:29 +01:00
nfnetlink_acct.c
nfnetlink_cthelper.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nfnetlink_cttimeout.c
nfnetlink_log.c
nfnetlink_osf.c
nfnetlink_queue.c net: netfilter: use skb_list_walk_safe helper for gso segments 2020-01-14 11:48:41 -08:00
nft_bitwise.c netfilter: bitwise: add support for shifts. 2020-01-16 15:52:02 +01:00
nft_byteorder.c
nft_chain_filter.c
nft_chain_nat.c
nft_chain_route.c
nft_cmp.c netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() 2019-12-09 13:14:03 +01:00
nft_compat.c
nft_connlimit.c
nft_counter.c
nft_ct.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_dup_netdev.c
nft_dynset.c netfilter: nf_tables: add NFTA_SET_ELEM_KEY_END attribute 2020-01-27 08:54:30 +01:00
nft_exthdr.c
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c
nft_flow_offload.c netfilter: nft_flow_offload: fix underflow in flowtable reference counter 2020-01-05 10:06:22 +01:00
nft_fwd_netdev.c
nft_hash.c
nft_immediate.c
nft_limit.c
nft_log.c
nft_lookup.c
nft_masq.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_meta.c netfilter: nft_meta: add support for slave device ifindex matching 2019-12-26 17:41:34 +01:00
nft_nat.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_numgen.c
nft_objref.c
nft_osf.c netfilter: nft_osf: add missing check for DREG attribute 2020-01-18 21:18:41 +01:00
nft_payload.c
nft_queue.c
nft_quota.c
nft_range.c netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() 2019-12-09 13:14:03 +01:00
nft_redir.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_reject.c
nft_reject_inet.c
nft_rt.c
nft_set_bitmap.c netfilter: nf_tables: white-space fixes. 2020-01-16 15:51:55 +01:00
nft_set_hash.c netfilter: nf_tables: white-space fixes. 2020-01-16 15:51:55 +01:00
nft_set_pipapo.c nft_set_pipapo: Actually fetch key data in nft_pipapo_remove() 2020-02-26 14:33:09 +01:00
nft_set_rbtree.c netfilter: nf_tables: Support for sets with multiple ranged fields 2020-01-27 08:54:30 +01:00
nft_socket.c
nft_synproxy.c
nft_tproxy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2019-12-26 13:11:40 -08:00
nft_tunnel.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2020-01-19 22:10:04 +01:00
nft_xfrm.c
utils.c
x_tables.c netfilter: Use kvcalloc 2020-01-31 19:30:54 +01:00
xt_AUDIT.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_CONNSECMARK.c
xt_CT.c
xt_DSCP.c
xt_HL.c
xt_HMARK.c
xt_IDLETIMER.c
xt_LED.c
xt_LOG.c
xt_MASQUERADE.c
xt_NETMAP.c
xt_NFLOG.c
xt_NFQUEUE.c
xt_RATEEST.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
xt_REDIRECT.c
xt_SECMARK.c
xt_TCPMSS.c
xt_TCPOPTSTRIP.c
xt_TEE.c
xt_TPROXY.c
xt_TRACE.c
xt_addrtype.c
xt_bpf.c
xt_cgroup.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c
xt_connmark.c
xt_conntrack.c
xt_cpu.c
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c netfilter: xt_hashlimit: unregister proc file before releasing mutex 2020-02-26 23:25:07 +01:00
xt_helper.c
xt_hl.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c
xt_nfacct.c
xt_osf.c
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_realm.c
xt_recent.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
xt_repldata.h
xt_sctp.c
xt_set.c
xt_socket.c
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c
xt_u32.c