android/android_kernel_samsung_sm8650
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ac613d0bd2
android_kernel_samsung_sm8650/include
History
Pablo Neira Ayuso 4507918cd1 netfilter: nf_tables: deactivate anonymous set from preparation phase 
commit c1592a89942e9678f7d9c8030efa777c0d57edab upstream.

Toggle deleted anonymous sets as inactive in the next generation, so
users cannot perform any update on it. Clear the generation bitmask
in case the transaction is aborted.

The following KASAN splat shows a set element deletion for a bound
anonymous set that has been already removed in the same transaction.

[   64.921510] ==================================================================
[   64.923123] BUG: KASAN: wild-memory-access in nf_tables_commit+0xa24/0x1490 [nf_tables]
[   64.924745] Write of size 8 at addr dead000000000122 by task test/890
[   64.927903] CPU: 3 PID: 890 Comm: test Not tainted 6.3.0+ #253
[   64.931120] Call Trace:
[   64.932699]  <TASK>
[   64.934292]  dump_stack_lvl+0x33/0x50
[   64.935908]  ? nf_tables_commit+0xa24/0x1490 [nf_tables]
[   64.937551]  kasan_report+0xda/0x120
[   64.939186]  ? nf_tables_commit+0xa24/0x1490 [nf_tables]
[   64.940814]  nf_tables_commit+0xa24/0x1490 [nf_tables]
[   64.942452]  ? __kasan_slab_alloc+0x2d/0x60
[   64.944070]  ? nf_tables_setelem_notify+0x190/0x190 [nf_tables]
[   64.945710]  ? kasan_set_track+0x21/0x30
[   64.947323]  nfnetlink_rcv_batch+0x709/0xd90 [nfnetlink]
[   64.948898]  ? nfnetlink_rcv_msg+0x480/0x480 [nfnetlink]

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-11 23:03:42 +09:00
..
acpi ACPI: video: Add auto_detect arg to __acpi_video_get_backlight_type() 2023-04-13 16:55:33 +02:00
asm-generic asm-generic/io.h: suppress endianness warnings for readq() and writeq() 2023-05-11 23:02:58 +09:00
clocksource clocksource/drivers/timer-ti-dm: Move struct omap_dm_timer fields to driver 2022-09-20 10:49:46 +02:00
crypto crypto: scatterwalk - Remove unused inline function scatterwalk_aligned() 2022-09-30 13:59:13 +08:00
drm drm/i915/dg2: Drop one PCI ID 2023-05-11 23:03:07 +09:00
dt-bindings dt-bindings: clocks: imx8mp: Add ID for usb suspend clock 2022-12-31 13:33:09 +01:00
keys
kunit kunit: fix kunit_test_init_section_suites(...) 2023-02-09 11:28:08 +01:00
kvm KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode 2023-04-13 16:55:17 +02:00
linux mailbox: zynqmp: Fix typo in IPI documentation 2023-05-11 23:03:40 +09:00
math-emu
media media: uvcvideo: Add GUID for BGRA/X 8:8:8:8 2023-03-11 13:55:35 +01:00
memory memory: renesas-rpc-if: Split-off private data from struct rpcif 2023-03-11 13:55:17 +01:00
misc
net netfilter: nf_tables: deactivate anonymous set from preparation phase 2023-05-11 23:03:42 +09:00
pcmcia
ras
rdma RDMA/core: Add UVERBS_ATTR_RAW_FD 2022-09-27 10:15:24 -03:00
rv
scsi scsi: libsas: Add sas_ata_device_link_abort() 2023-05-11 23:03:20 +09:00
soc ARM: at91: pm: avoid soft resetting AC DLL 2022-11-01 12:25:19 +02:00
sound ASoC: amd: fix ACP version typo mistake 2023-05-11 23:02:59 +09:00
target scsi: target: Fix multiple LUN_RESET handling 2023-05-11 23:03:19 +09:00
trace net: qrtr: correct types of trace event parameters 2023-05-11 23:03:20 +09:00
uapi btrfs: scrub: reject unsupported scrub flags 2023-05-11 23:03:40 +09:00
ufs scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096 2023-03-10 09:33:15 +01:00
vdso
video
xen ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 2023-05-11 23:03:11 +09:00