| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Feb 2024 06:48:27 +0100
From: Thorsten Leemhuis <regressions@...mhuis.info>
To: Pablo Neira Ayuso <pablo@...filter.org>, netfilter-devel@...r.kernel.org
Cc: davem@...emloft.net, netdev@...r.kernel.org, kuba@...nel.org,
pabeni@...hat.com, edumazet@...gle.com, fw@...len.de
Subject: Re: [PATCH net 05/13] netfilter: ipset: Missing gc cancellations
fixed
On 08.02.24 00:37, Pablo Neira Ayuso wrote:
> From: Jozsef Kadlecsik <kadlec@...filter.org>
>
> The patch fdb8e12cc2cc ("netfilter: ipset: fix performance regression
> in swap operation") missed to add the calls to gc cancellations
> at the error path of create operations and at module unload. Also,
> because the half of the destroy operations now executed by a
> function registered by call_rcu(), neither NFNL_SUBSYS_IPSET mutex
> or rcu read lock is held and therefore the checking of them results
> false warnings.
>
> Reported-by: syzbot+52bbc0ad036f6f0d4a25@...kaller.appspotmail.com
> Reported-by: Brad Spengler <spender@...ecurity.net>
> Reported-by: Стас Ничипорович <stasn77@...il.com>
> Fixes: fdb8e12cc2cc ("netfilter: ipset: fix performance regression in swap operation")
FWIW, in case anyone cares: that afaics should be
Fixes: 97f7cf1cd80e ("netfilter: ipset: fix performance regression in swap operation")
instead, as noted yesterday elsewhere[1].
Ciao, Thorsten
[1] https://lore.kernel.org/all/07cf1cf8-825e-47b9-9837-f91ae958dd6b@leemhuis.info/
Powered by blists - more mailing lists