From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 7 Jun 2023 22:19:12 +0000 (+0200)
Subject: netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
X-Git-Tag: v4.14.319~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=edeab0e105b05f5cae244e018d2b6cd5d2d57baf;p=thirdparty%2Fkernel%2Fstable.git

netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM

[ Upstream commit a1a64a151dae8ac3581c1cbde44b672045cb658b ]

If caller reports ENOMEM, then stop iterating over the batch and send a
single netlink message to userspace to report OOM.

Fixes: cbb8125eb40b ("netfilter: nfnetlink: deliver netlink errors on batch completion")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 2cee032af46d2..96ae1c4ad9a91 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -411,7 +411,8 @@ ack:
 			 * processed, this avoids that the same error is
 			 * reported several times when replaying the batch.
 			 */
-			if (nfnl_err_add(&err_list, nlh, err, &extack) < 0) {
+			if (err == -ENOMEM ||
+			    nfnl_err_add(&err_list, nlh, err, &extack) < 0) {
 				/* We failed to enqueue an error, reset the
 				 * list of errors and send OOM to userspace
 				 * pointing to the batch header.