Google Git
Sign in
gbmc / linux / 3d483faa66639ad96d8373046c47f2b2d76fdf76
commit3d483faa66639ad96d8373046c47f2b2d76fdf76[log] [tgz]
authorPhil Sutter <phil@nwl.cc>Thu Nov 09 16:01:16 2023 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>Fri Dec 22 12:08:38 2023 +0100
treea12daa3a6e7cebd9e9b5a587fec29e6f03b15a10
parentf649be6d9c84960e358f350914a0673411467b11 [diff]
netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET requests

Set expressions' dump callbacks are not concurrency-safe per-se with
reset bit set. If two CPUs reset the same element at the same time,
values may underrun at least with element-attached counters and quotas.

Prevent this by introducing dedicated callbacks for nfnetlink and the
asynchronous dump handling to serialize access.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 file changed
tree: a12daa3a6e7cebd9e9b5a587fec29e6f03b15a10
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .cocciconfig
  27. .get_maintainer.ignore
  28. .gitattributes
  29. .gitignore
  30. .mailmap
  31. .rustfmt.toml
  32. COPYING
  33. CREDITS
  34. Kbuild
  35. Kconfig
  36. MAINTAINERS
  37. Makefile
  38. README