Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp5084951imu; Sat, 1 Dec 2018 08:50:42 -0800 (PST) X-Google-Smtp-Source: AFSGD/WdiI4yq48VW8nS35C+9Yk/E0m4h+VX2Q5PpjBfE9Xcr+3ovioboZIjT32//XInodhsL8X5 X-Received: by 2002:aa7:81d0:: with SMTP id c16mr9737552pfn.153.1543683042523; Sat, 01 Dec 2018 08:50:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543683042; cv=none; d=google.com; s=arc-20160816; b=YhvqZHCuiin5EIDzaBoPCAoS4p8wShCoflqBPPnGjbPFQYOqcNAaWxokLyUmAsD2wo 9Mfe7eG0Gq7Rbcz2iihKc++jVzytrOEs+KWRfbwFMses0fyIE09i12ydz0QB/DmAJ6Jk iefSjma+m9/PGiehAvXnLFIjIcDlI8rd4wDMq5dG/GyQuCTBPEjLezkb/Rh1a1alVBpW P4V9VU7xOByGVEKtJF0x4zVxmDOm9MRcPfTVPUFOLD2F+vT1lfX5GE1KgQsq6cTZHrrP EHpZA9FVp2gTOClvkHaUlm67n7DE3ShwQ6uUfOpEUScbYyxYE78Ithon4ENajbwl9HK2 e/wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date:dkim-signature; bh=odm+Gd7VwbhVWFuGc4SjaxJfmRm3HnrTaSD2hzHiNQE=; b=DleFZqw2pgBm5/oMiD8TdkzSb1ghww8fpx5xil1csoksehA3tBWLtIwLhYtva5MGKV sxg50rg22fNc/PE3PN6XlviPY0rQDC+QEAgpovVPWrVG1UIsBD0EQQws13pfm5NqSohH EzQhgSRd//z7/2dVNSGRRR1CIOi452IGYVxILcfDO0eTJOdxa/yTyiBAHUhBEeTk6cDo v+6OpakGaWFoxMvVfM3QLObsinBPypeaQlW5KH49okKwrePBDeYJJEaF7qS6Ya8HmBAH r2XJAvLnSDT7TjaqHW6CThss4zDYpFWxyVFYmbnGZYSMMxi2TfSNIoot//bfkaOe/XFK KMjA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@blackhole.kfki.hu header.s=20151130 header.b=qfTC24lv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=blackhole.kfki.hu Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r11si7883656pgg.327.2018.12.01.08.50.26; Sat, 01 Dec 2018 08:50:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@blackhole.kfki.hu header.s=20151130 header.b=qfTC24lv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=blackhole.kfki.hu Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727122AbeLBEBZ (ORCPT + 99 others); Sat, 1 Dec 2018 23:01:25 -0500 Received: from smtp-out.kfki.hu ([148.6.0.46]:37413 "EHLO smtp-out.kfki.hu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726778AbeLBEBZ (ORCPT ); Sat, 1 Dec 2018 23:01:25 -0500 X-Greylist: delayed 505 seconds by postgrey-1.27 at vger.kernel.org; Sat, 01 Dec 2018 23:01:24 EST Received: from localhost (localhost [127.0.0.1]) by smtp1.kfki.hu (Postfix) with ESMTP id 31CA93C800F3; Sat, 1 Dec 2018 17:40:04 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= blackhole.kfki.hu; h=mime-version:user-agent:references :message-id:in-reply-to:from:from:date:date:received:received :received; s=20151130; t=1543682401; x=1545496802; bh=odm+Gd7Vwb hVWFuGc4SjaxJfmRm3HnrTaSD2hzHiNQE=; b=qfTC24lvxFZgoRX/wZxCqLbBtZ FaVToZl6naD0Ur3ebokUvz3tX8ObTo+S355hVt3hdpi87Uuv6XVnBW1ZF8rfRrkT fGXuMQnaUw3CByqSCHh3mF5GOY/n066+OMC2z+A0zVSLOI8pD3Bk2tsoQZNB+PrD 59mF7fIaYzbuwA9WI= X-Virus-Scanned: Debian amavisd-new at smtp1.kfki.hu Received: from smtp1.kfki.hu ([127.0.0.1]) by localhost (smtp1.kfki.hu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP; Sat, 1 Dec 2018 17:40:01 +0100 (CET) Received: from blackhole.kfki.hu (blackhole.kfki.hu [148.6.240.2]) by smtp1.kfki.hu (Postfix) with ESMTP id 49D6A3C800F1; Sat, 1 Dec 2018 17:40:01 +0100 (CET) Received: by blackhole.kfki.hu (Postfix, from userid 1000) id 2367C210F6; Sat, 1 Dec 2018 17:40:01 +0100 (CET) Date: Sat, 1 Dec 2018 17:40:01 +0100 (CET) From: Jozsef Kadlecsik To: Pan Bian cc: Pablo Neira Ayuso , Florian Westphal , "David S. Miller" , Stefano Brivio , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel In-Reply-To: <1543228930-103509-1-git-send-email-bianpan2016@163.com> Message-ID: References: <1543228930-103509-1-git-send-email-bianpan2016@163.com> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Mon, 26 Nov 2018, Pan Bian wrote: > In the error handling block, nla_nest_cancel(skb, atd) is called to > cancel the nest operation. But then, ipset_nest_end(skb, atd) is > unexpected called to end the nest operation. This patch calls the > ipset_nest_end only on the branch that nla_nest_cancel is > not called. > > Fixes: 45040978c89("netfilter: ipset: Fix set:list type crash when > flush/dump set in parallel") Good catch, thank you. Patch is applied in ipset git tree. Best regards, Jozsef > Signed-off-by: Pan Bian > --- > net/netfilter/ipset/ip_set_list_set.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c > index 4eef55d..8da228d 100644 > --- a/net/netfilter/ipset/ip_set_list_set.c > +++ b/net/netfilter/ipset/ip_set_list_set.c > @@ -531,8 +531,8 @@ list_set_list(const struct ip_set *set, > ret = -EMSGSIZE; > } else { > cb->args[IPSET_CB_ARG0] = i; > + ipset_nest_end(skb, atd); > } > - ipset_nest_end(skb, atd); > out: > rcu_read_unlock(); > return ret; > -- > 2.7.4 > > > - E-mail : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary