aboutsummaryrefslogtreecommitdiffstats
path: root/tools/perf/scripts/python/net_dropmonitor.py
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2023-05-02 10:25:24 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2023-05-03 08:24:32 +0200
commitc1592a89942e9678f7d9c8030efa777c0d57edab (patch)
treeee459182ca14be12b400f4998fcec4a30eedf0a3 /tools/perf/scripts/python/net_dropmonitor.py
parentselftests: netfilter: fix libmnl pkg-config usage (diff)
downloadlinux-c1592a89942e9678f7d9c8030efa777c0d57edab.tar.gz
linux-c1592a89942e9678f7d9c8030efa777c0d57edab.zip
netfilter: nf_tables: deactivate anonymous set from preparation phase
Toggle deleted anonymous sets as inactive in the next generation, so users cannot perform any update on it. Clear the generation bitmask in case the transaction is aborted. The following KASAN splat shows a set element deletion for a bound anonymous set that has been already removed in the same transaction. [ 64.921510] ================================================================== [ 64.923123] BUG: KASAN: wild-memory-access in nf_tables_commit+0xa24/0x1490 [nf_tables] [ 64.924745] Write of size 8 at addr dead000000000122 by task test/890 [ 64.927903] CPU: 3 PID: 890 Comm: test Not tainted 6.3.0+ #253 [ 64.931120] Call Trace: [ 64.932699] <TASK> [ 64.934292] dump_stack_lvl+0x33/0x50 [ 64.935908] ? nf_tables_commit+0xa24/0x1490 [nf_tables] [ 64.937551] kasan_report+0xda/0x120 [ 64.939186] ? nf_tables_commit+0xa24/0x1490 [nf_tables] [ 64.940814] nf_tables_commit+0xa24/0x1490 [nf_tables] [ 64.942452] ? __kasan_slab_alloc+0x2d/0x60 [ 64.944070] ? nf_tables_setelem_notify+0x190/0x190 [nf_tables] [ 64.945710] ? kasan_set_track+0x21/0x30 [ 64.947323] nfnetlink_rcv_batch+0x709/0xd90 [nfnetlink] [ 64.948898] ? nfnetlink_rcv_msg+0x480/0x480 [nfnetlink] Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tools/perf/scripts/python/net_dropmonitor.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-03 17:20:21 +0000
/a>David S. Miller1-1/+3 2008-09-23can: Add documentation for virtual CAN driver usageOliver Hartkopp1-4/+40 2008-09-23tcp: Fix queue traversal in tcp_use_frto().David S. Miller1-0/+2 2008-09-23tcp: Fix order of tests in tcp_retransmit_skb()David S. Miller1-1/+1 2008-09-23ppp_generic: Use skb_peek() in ppp_receive_mp_frame().David S. Miller1-3/+5 2008-09-23neigh: Remove by-hand SKB queue handling.David S. Miller1-13/+8 2008-09-23pkt_sched: Remove the tx queue state check in qdisc_run()Jarek Poplawski1-4/+1 2008-09-23tcp: Use SKB queue handling interfaces instead of by-hand versions.David S. Miller1-25/+15 2008-09-23net: Add skb_queue_walk_from() and skb_queue_walk_from_safe().David S. Miller1-0/+9 2008-09-23net: Add skb_queue_next().David S. Miller1-0/+18 2008-09-23tcp: Use skb_queue_is_last() instead of by-hand version.David S. Miller1-3/+3 2008-09-23net: Add skb_queue_is_last().David S. Miller1-0/+13 2008-09-23usbatm: Use skb_queue_walk_safe() instead of by-hand implementation.David S. Miller1-3/+2 2008-09-23zd1211: Use skb_queue_walk() instead of by-hand implementation.David S. Miller1-1/+1 2008-09-23de4x5: Use skb_queue_head instead of by-hand implementation.David S. Miller1-30/+8 2008-09-22pkt_sched: Check the state of tx_queue in dequeue_skb()Jarek Poplawski1-4/+14 2008-09-22pkt_sched: Always use q->requeue in dev_requeue_skb().David S. Miller1-4/+1 2008-09-22pkt_sched: Make qdisc->gso_skb a list.David S. Miller2-6/+8 2008-09-22sctp: Use skb_queue_walk_safe() and skb_queue_split_tail_init().David S. Miller1-8/+2 2008-09-22net: Fix bus in SKB queue splicing interfaces.David S. Miller1-4/+4 2008-09-22net: network device name ifalias supportStephen Hemminger6-0/+77 2008-09-22usbnet: Use skb_queue_walk_safe() instead of by-hand implementation.David S. Miller1-2/+1