linux/net
Florian Westphal 4a02426787 netfilter: tproxy: fix deadlock due to missing BH disable
The xtables packet traverser performs an unconditional local_bh_disable(),
but the nf_tables evaluation loop does not.

Functions that are called from either xtables or nftables must assume
that they can be called in process context.

inet_twsk_deschedule_put() assumes that no softirq interrupt can occur.
If tproxy is used from nf_tables its possible that we'll deadlock
trying to aquire a lock already held in process context.

Add a small helper that takes care of this and use it.

Link: https://lore.kernel.org/netfilter-devel/401bd6ed-314a-a196-1cdc-e13c720cc8f2@balasys.hu/
Fixes: 4ed8eb6570 ("netfilter: nf_tables: Add native tproxy support")
Reported-and-tested-by: Major Dávid <major.david@balasys.hu>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-03-06 12:09:48 +01:00
..
6lowpan
9p xen: branch for v6.2-rc4 2023-01-12 17:02:20 -06:00
802 treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
8021q
appletalk
atm driver core: make struct class.dev_uevent() take a const * 2022-11-24 17:12:15 +01:00
ax25 ax25: af_ax25: Remove unnecessary (void*) conversions 2022-11-16 13:31:03 +00:00
batman-adv batman-adv: tvlv: prepare for tvlv enabled multicast packet type 2023-01-21 19:01:59 +01:00
bluetooth TTY/Serial driver updates for 6.3-rc1 2023-02-24 12:17:14 -08:00
bpf Revert "bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES" 2023-02-17 12:24:33 -08:00
bpfilter
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2023-02-22 21:25:23 -08:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-02 22:22:07 -08:00
can Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-02-09 12:25:40 -08:00
ceph Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
core net: use indirect calls helpers for sk_exit_memory_pressure() 2023-03-02 11:35:06 +01:00
dcb net: dcb: add helper functions to retrieve PCP and DSCP rewrite maps 2023-01-20 09:33:22 +00:00
dccp dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. 2023-02-10 19:53:42 -08:00
devlink devlink: drop leftover duplicate/unused code 2023-02-20 11:38:35 +00:00
dns_resolver
dsa net: dsa: use NL_SET_ERR_MSG_WEAK_MOD() more consistently 2023-02-03 19:23:32 -08:00
ethernet net: ethernet: use sysfs_emit() to instead of scnprintf() 2022-12-07 20:02:44 -08:00
ethtool net: ethtool: fix __ethtool_dev_mm_supported() implementation 2023-02-21 09:05:01 -08:00
hsr hsr: Use a single struct for self_node. 2022-12-01 20:26:22 -08:00
ieee802154 ieee802154: Prevent user from crashing the host 2023-03-02 14:39:48 +01:00
ife
ipv4 netfilter: tproxy: fix deadlock due to missing BH disable 2023-03-06 12:09:48 +01:00
ipv6 netfilter: tproxy: fix deadlock due to missing BH disable 2023-03-06 12:09:48 +01:00
iucv
kcm net/sock: Introduce trace_sk_data_ready() 2023-01-23 11:26:50 +00:00
key af_key: Fix heap information leak 2023-02-13 09:30:14 +00:00
l2tp l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() 2023-02-20 09:25:20 +00:00
l3mdev
lapb
llc
mac80211 wifi: mac80211: add documentation for amsdu_mesh_control 2023-02-15 18:31:16 +01:00
mac802154 Merge tag 'ieee802154-for-net-next-2023-02-20' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan-next 2023-02-20 16:40:52 -08:00
mctp net: mctp: purge receive queues on sk destruction 2023-01-28 00:26:09 -08:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-15 10:26:37 +00:00
mptcp net: no longer support SOCK_REFCNT_DEBUG feature 2023-02-15 10:25:21 +00:00
ncsi net/ncsi: Silence runtime memcpy() false positive warning 2022-12-06 17:29:14 -08:00
netfilter netfilter: ctnetlink: revert to dumping mark regardless of event type 2023-03-06 12:09:23 +01:00
netlabel
netlink genetlink: Use string_is_terminated() helper 2023-02-09 22:30:24 -08:00
netrom netrom: Fix use-after-free caused by accept on already connected socket 2023-01-30 07:30:47 +00:00
nfc nfc: fix memory leak of se_io context in nfc_genl_se_io 2023-02-26 14:55:13 +00:00
nsh
openvswitch There is no particular theme here - mainly quick hits all over the tree. 2023-02-23 17:55:40 -08:00
packet net: no longer support SOCK_REFCNT_DEBUG feature 2023-02-15 10:25:21 +00:00
phonet net/sock: Introduce trace_sk_data_ready() 2023-01-23 11:26:50 +00:00
psample
qrtr Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-02-02 14:49:55 -08:00
rds rds: rds_rm_zerocopy_callback() correct order for list_add_tail() 2023-02-13 09:33:39 +00:00
rfkill rfkill: Use sysfs_emit() to instead of sprintf() 2023-02-14 12:21:14 +01:00
rose net/rose: Fix to not accept on connected socket 2023-01-28 00:19:57 -08:00
rxrpc Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
sched net/sched: flower: fix fl_change() error recovery path 2023-03-01 08:49:54 +00:00
sctp sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop 2023-02-23 12:59:40 -08:00
smc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-02-21 09:29:25 -08:00
strparser
sunrpc NFS Client Updates for Linux 6.3 2023-02-22 14:47:20 -08:00
switchdev
tipc Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
tls net: tls: avoid hanging tasks on the tx_lock 2023-03-01 20:32:36 -08:00
unix Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
vmw_vsock Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
wireless wifi: wext: warn about usage only once 2023-02-26 19:53:35 +02:00
x25 net/x25: Fix to not accept on connected socket 2023-01-25 09:51:04 +00:00
xdp xsk: add linux/vmalloc.h to xsk.c 2023-02-21 09:00:09 -08:00
xfrm bpf-next-for-netdev 2023-02-10 17:51:27 -08:00
compat.c use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
devres.c
Kconfig
Kconfig.debug
Makefile devlink: move code to a dedicated directory 2023-01-05 22:12:00 -08:00
socket.c Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
sysctl_net.c