[PATCH 3.16 061/204] netfilter: ipset: pernet ops must be unregistered last

From: Ben Hutchings
Date: Thu Dec 28 2017 - 13:00:47 EST

Next message: Ben Hutchings: "[PATCH 3.16 060/204] l2tp: fix race condition in l2tp_tunnel_delete"
Previous message: Ben Hutchings: "[PATCH 3.16 066/204] USB: dummy-hcd: fix infinite-loop resubmission bug"
In reply to: Ben Hutchings: "[PATCH 3.16 066/204] USB: dummy-hcd: fix infinite-loop resubmission bug"
Next in thread: Ben Hutchings: "[PATCH 3.16 060/204] l2tp: fix race condition in l2tp_tunnel_delete"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.16.52-rc1 review patch. If anyone has any objections, please let me know.

------------------

From: Florian Westphal <fw@xxxxxxxxx>

commit e23ed762db7ed1950a6408c3be80bc56909ab3d4 upstream.

Removing the ipset module leaves a small window where one cpu performs
module removal while another runs a command like 'ipset flush'.

ipset uses net_generic(), unregistering the pernet ops frees this
storage area.

Fix it by first removing the user-visible api handlers and the pernet
ops last.

Fixes: 1785e8f473082 ("netfiler: ipset: Add net namespace for ipset")
Reported-by: Li Shuang <shuali@xxxxxxxxxx>
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Acked-by: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
---
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -1982,24 +1982,28 @@ static struct pernet_operations ip_set_n
static int __init
ip_set_init(void)
{
- int ret = nfnetlink_subsys_register(&ip_set_netlink_subsys);
+ int ret = register_pernet_subsys(&ip_set_net_ops);
+
+ if (ret) {
+ pr_err("ip_set: cannot register pernet_subsys.\n");
+ return ret;
+ }
+
+ ret = nfnetlink_subsys_register(&ip_set_netlink_subsys);
if (ret != 0) {
pr_err("ip_set: cannot register with nfnetlink.\n");
+ unregister_pernet_subsys(&ip_set_net_ops);
return ret;
}
+
ret = nf_register_sockopt(&so_set);
if (ret != 0) {
pr_err("SO_SET registry failed: %d\n", ret);
nfnetlink_subsys_unregister(&ip_set_netlink_subsys);
+ unregister_pernet_subsys(&ip_set_net_ops);
return ret;
}
- ret = register_pernet_subsys(&ip_set_net_ops);
- if (ret) {
- pr_err("ip_set: cannot register pernet_subsys.\n");
- nf_unregister_sockopt(&so_set);
- nfnetlink_subsys_unregister(&ip_set_netlink_subsys);
- return ret;
- }
+
pr_info("ip_set: protocol %u\n", IPSET_PROTOCOL);
return 0;
}
@@ -2007,9 +2011,10 @@ ip_set_init(void)
static void __exit
ip_set_fini(void)
{
- unregister_pernet_subsys(&ip_set_net_ops);
nf_unregister_sockopt(&so_set);
nfnetlink_subsys_unregister(&ip_set_netlink_subsys);
+
+ unregister_pernet_subsys(&ip_set_net_ops);
pr_debug("these are the famous last words\n");
}

Next message: Ben Hutchings: "[PATCH 3.16 060/204] l2tp: fix race condition in l2tp_tunnel_delete"
Previous message: Ben Hutchings: "[PATCH 3.16 066/204] USB: dummy-hcd: fix infinite-loop resubmission bug"
In reply to: Ben Hutchings: "[PATCH 3.16 066/204] USB: dummy-hcd: fix infinite-loop resubmission bug"
Next in thread: Ben Hutchings: "[PATCH 3.16 060/204] l2tp: fix race condition in l2tp_tunnel_delete"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]