Google Git
Sign in
cos / third_party / kernel / 10745642ecaddf9eb1d5e1221bb9d5af2f306d48
commit10745642ecaddf9eb1d5e1221bb9d5af2f306d48[log] [tgz]
authorPablo Neira Ayuso <pablo@netfilter.org>Tue Nov 21 13:14:21 2023 +0100
committerOleksandr Tymoshenko <ovt@google.com>Tue Dec 05 22:28:45 2023 +0000
tree1188f8ef05c421f7bf649c106586d182e429c848
parent99fbd76e7b74692d078e7eb9feaf121fa3af3e4b [diff]
netfilter: nf_tables: remove catchall element in GC sync path

[ Upstream commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630 ]

The expired catchall element is not deactivated and removed from GC sync
path. This path holds mutex so just call nft_setelem_data_deactivate()
and nft_setelem_catchall_remove() before queueing the GC work.

BUG=b/313503901
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2023-6111 in the Linux kernel.

cos-patch: security-high
Fixes: 4a9e12ea7e70 ("netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC")
Reported-by: lonial con <kongln9170@gmail.com>
Change-Id: Ifd5cc4a8f9a1fe11acec1b4d379ff9222467c84b
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/61707
Reviewed-by: Michael Kochera <kochera@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
1 file changed
tree: 1188f8ef05c421f7bf649c106586d182e429c848
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. google/
  9. include/
  10. init/
  11. io_uring/
  12. ipc/
  13. kernel/
  14. lib/
  15. LICENSES/
  16. mm/
  17. net/
  18. rust/
  19. samples/
  20. scripts/
  21. security/
  22. sound/
  23. tools/
  24. usr/
  25. virt/
  26. .clang-format
  27. .cocciconfig
  28. .get_maintainer.ignore
  29. .gitattributes
  30. .gitignore
  31. .mailmap
  32. .rustfmt.toml
  33. COPYING
  34. CREDITS
  35. Kbuild
  36. Kconfig
  37. MAINTAINERS
  38. Makefile
  39. PRESUBMIT.cfg
  40. README