git.ipfire.org Git - thirdparty/ipset.git/commit

author	Jozsef Kadlecsik <kadlec@netfilter.org>
	Sun, 4 Feb 2024 15:09:09 +0000 (16:09 +0100)
committer	Jozsef Kadlecsik <kadlec@netfilter.org>
	Sun, 4 Feb 2024 15:33:40 +0000 (16:33 +0100)
commit	917671418de146c23470d29d94d25104a5c9ca06
tree	dcb946ddaab25b72e2adbac321a74563e4859ddb	tree
parent	2024f63f774be32abcf8992f4dc28754990558a1	commit \| diff

netfilter: ipset: Missing gc cancellations fixed

The patch fdb8e12cc2cc ("netfilter: ipset: fix performance regression
in swap operation") missed to add the calls to gc cancellations
at the error path of create operations and at module unload. Also,
because the half of the destroy operations now executed by a
function registered by call_rcu(), neither NFNL_SUBSYS_IPSET mutex
or rcu read lock is held and therefore the checking of them results
false warnings.

Reported-by: syzbot+52bbc0ad036f6f0d4a25@syzkaller.appspotmail.com
Reported-by: Brad Spengler <spender@grsecurity.net>
Reported-by: Стас Ничипорович <stasn77@gmail.com>
Fixes: fdb8e12cc2cc ("netfilter: ipset: fix performance regression in swap operation")
Tested-by: Brad Spengler <spender@grsecurity.net>
Tested-by: Стас Ничипорович <stasn77@gmail.com>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>

kernel/net/netfilter/ipset/ip_set_core.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_hash_gen.h		diff \| blob \| blame \| history