git.proxmox.com Git - mirror_ubuntu-kernels.git/commit

author	Jozsef Kadlecsik <kadlec@netfilter.org>
	Sun, 4 Feb 2024 15:26:42 +0000 (16:26 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 8 Feb 2024 11:09:23 +0000 (12:09 +0100)
commit	27c5a095e2518975e20a10102908ae8231699879
tree	a5e70afb6b13bc244f8d2a00716293fefb004927	tree
parent	ab0beafd52b98dfb8b8244b2c6794efbc87478db	commit \| diff

netfilter: ipset: Missing gc cancellations fixed

The patch fdb8e12cc2cc ("netfilter: ipset: fix performance regression
in swap operation") missed to add the calls to gc cancellations
at the error path of create operations and at module unload. Also,
because the half of the destroy operations now executed by a
function registered by call_rcu(), neither NFNL_SUBSYS_IPSET mutex
or rcu read lock is held and therefore the checking of them results
false warnings.

Fixes: 97f7cf1cd80e ("netfilter: ipset: fix performance regression in swap operation")
Reported-by: syzbot+52bbc0ad036f6f0d4a25@syzkaller.appspotmail.com
Reported-by: Brad Spengler <spender@grsecurity.net>
Reported-by: Стас Ничипорович <stasn77@gmail.com>
Tested-by: Brad Spengler <spender@grsecurity.net>
Tested-by: Стас Ничипорович <stasn77@gmail.com>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/netfilter/ipset/ip_set_core.c		diff \| blob \| blame \| history
net/netfilter/ipset/ip_set_hash_gen.h		diff \| blob \| blame \| history