netfilter: nf_tables: disable toggling dormant table state more than once - lwn.git - Linux kernel documentation tree maintained by Jonathan Corbet

diff options

author	Florian Westphal <fw@strlen.de>	2023-09-15 15:18:11 +0200
committer	Florian Westphal <fw@strlen.de>	2023-09-20 10:35:23 +0200
commit	c9bd26513b3a11b3adb3c2ed8a31a01a87173ff1 (patch)
tree	3a9e294406600957685562b4fdcd55053c9104d1 /include
parent	4e4b1798cc90e376b8b61d0098b4093898a32227 (diff)
download	lwn-c9bd26513b3a11b3adb3c2ed8a31a01a87173ff1.tar.gz lwn-c9bd26513b3a11b3adb3c2ed8a31a01a87173ff1.zip

netfilter: nf_tables: disable toggling dormant table state more than once

nft -f -<<EOF add table ip t add table ip t { flags dormant; } add chain ip t c { type filter hook input priority 0; } add table ip t EOF Triggers a splat from nf core on next table delete because we lose track of right hook register state: WARNING: CPU: 2 PID: 1597 at net/netfilter/core.c:501 __nf_unregister_net_hook RIP: 0010:__nf_unregister_net_hook+0x41b/0x570 nf_unregister_net_hook+0xb4/0xf0 __nf_tables_unregister_hook+0x160/0x1d0 [..] The above should have table in *active* state, but in fact no hooks were registered. Reject on/off/on games rather than attempting to fix this. Fixes: 179d9ba5559a ("netfilter: nf_tables: fix table flag updates") Reported-by: "Lee, Cherie-Anne" <cherie.lee@starlabs.sg> Cc: Bing-Jhong Billy Jheng <billy@starlabs.sg> Cc: info@starlabs.sg Signed-off-by: Florian Westphal <fw@strlen.de>

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: