linux/include/net
Pablo Neira Ayuso c03d278fdf netfilter: nf_tables: wait for rcu grace period on net_device removal
8c873e2199 ("netfilter: core: free hooks with call_rcu") removed
synchronize_net() call when unregistering basechain hook, however,
net_device removal event handler for the NFPROTO_NETDEV was not updated
to wait for RCU grace period.

Note that 835b803377 ("netfilter: nf_tables_netdev: unregister hooks
on net_device removal") does not remove basechain rules on device
removal, I was hinted to remove rules on net_device removal later, see
5ebe0b0eec ("netfilter: nf_tables: destroy basechain and rules on
netdevice removal").

Although NETDEV_UNREGISTER event is guaranteed to be handled after
synchronize_net() call, this path needs to wait for rcu grace period via
rcu callback to release basechain hooks if netns is alive because an
ongoing netlink dump could be in progress (sockets hold a reference on
the netns).

Note that nf_tables_pre_exit_net() unregisters and releases basechain
hooks but it is possible to see NETDEV_UNREGISTER at a later stage in
the netns exit path, eg. veth peer device in another netns:

 cleanup_net()
  default_device_exit_batch()
   unregister_netdevice_many_notify()
    notifier_call_chain()
     nf_tables_netdev_event()
      __nft_release_basechain()

In this particular case, same rule of thumb applies: if netns is alive,
then wait for rcu grace period because netlink dump in the other netns
could be in progress. Otherwise, if the other netns is going away then
no netlink dump can be in progress and basechain hooks can be released
inmediately.

While at it, turn WARN_ON() into WARN_ON_ONCE() for the basechain
validation, which should not ever happen.

Fixes: 835b803377 ("netfilter: nf_tables_netdev: unregister hooks on net_device removal")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2024-11-07 12:28:47 +01:00
..
9p netfs, 9p: Implement helpers for new write code 2024-05-01 18:07:37 +01:00
bluetooth Bluetooth: SCO: Fix UAF on sco_sock_timeout 2024-10-23 10:20:29 -04:00
caif net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
iucv s390/iucv: Correct spelling in iucv.h 2024-08-26 09:37:22 -07:00
libeth libeth: add Tx buffer completion helpers 2024-09-09 13:15:37 -07:00
mana Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-09-05 20:37:20 -07:00
netfilter netfilter: nf_tables: wait for rcu grace period on net_device removal 2024-11-07 12:28:47 +01:00
netns xfrm: policy: remove last remnants of pernet inexact list 2024-09-24 09:58:16 +02:00
nfc NFC: Correct spelling in headers 2024-08-26 09:37:23 -07:00
page_pool memory-provider: dmabuf devmem memory provider 2024-09-11 20:44:31 -07:00
phonet net: ioctl: Use kernel memory on protocol ioctl callbacks 2023-06-15 22:33:26 -07:00
sctp sctp: Correct spelling in headers 2024-08-26 09:37:23 -07:00
tc_act net/sched: Retire ipt action 2024-01-02 12:41:16 +00:00
6lowpan.h
act_api.h net/sched: Add helper macros with module names 2024-02-02 10:57:55 -08:00
addrconf.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
af_ieee802154.h
af_rxrpc.h rxrpc, afs: Allow afs to pin rxrpc_peer objects 2023-12-24 15:22:50 +00:00
af_unix.h af_unix: Remove U_LOCK_GC_LISTENER. 2024-06-25 11:10:18 +02:00
af_vsock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-08-15 17:18:52 -07:00
ah.h
amt.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
arp.h neighbour: switch to standard rcu, instead of rcu_bh 2023-03-21 21:32:18 -07:00
atmclip.h
ax25.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-14 10:53:19 -07:00
ax88796.h ax88796: Fix some typo in a comment 2022-08-09 22:14:02 -07:00
bareudp.h bareudp: Move definition of struct bareudp_conf to bareudp.c 2021-12-13 12:34:09 +00:00
bond_3ad.h bonding: Correct spelling in headers 2024-08-26 09:37:22 -07:00
bond_alb.h bonding: Correct spelling in headers 2024-08-26 09:37:22 -07:00
bond_options.h bonding: Add independent control state machine 2024-02-06 13:17:54 +01:00
bonding.h bonding: change ipsec_lock from spin lock to mutex 2024-08-27 13:11:37 -07:00
bpf_sk_storage.h
busy_poll.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-08-29 11:49:10 -07:00
calipso.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cfg80211-wext.h wifi: cfg80211: Avoid clashing function prototypes 2022-11-16 11:31:47 +02:00
cfg80211.h wifi: cfg80211: Add wiphy_delayed_work_pending() 2024-10-08 21:24:00 +02:00
cfg802154.h mac802154: fix llsec key resources release in mac802154_llsec_key_del 2024-03-06 21:01:26 +01:00
checksum.h net: checksum: drop the linux/uaccess.h include 2023-01-27 11:19:46 +00:00
cipso_ipv4.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cls_cgroup.h
codel_impl.h codel: remove unnecessary sock.h include 2021-12-22 15:03:47 -08:00
codel_qdisc.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
codel.h codel: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
compat.h net: copy from user before calling __get_compat_msghdr 2022-07-24 18:39:17 -06:00
datalink.h net: datalink: Remove unused declarations 2023-07-27 17:17:32 -07:00
dcbevent.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
dcbnl.h net: dcb: add helper functions to retrieve PCP and DSCP rewrite maps 2023-01-20 09:33:22 +00:00
devlink.h devlink: Constify the 'table_ops' parameter of devl_dpipe_table_register() 2024-06-05 10:24:57 +01:00
dropreason-core.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
dropreason.h net: openvswitch: add last-action drop reason 2023-08-14 08:01:06 +01:00
dsa_stubs.h net: dsa: Use conduit and user terms 2023-10-24 13:08:14 -07:00
dsa.h net: dsa: provide a software untagging function on RX for VLAN-aware bridges 2024-08-16 09:59:32 +01:00
dscp.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
dsfield.h
dst_cache.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
dst_metadata.h net: Silence false field-spanning write warning in metadata_dst memcpy 2024-08-20 15:22:17 -07:00
dst_ops.h net: fix __dst_negative_advice() race 2024-05-29 17:34:49 -07:00
dst.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
eee.h net: add helpers for EEE configuration 2024-03-05 19:21:17 -08:00
erspan.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
esp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
espintcp.h inet: preserve const qualifier in inet_csk() 2024-04-01 21:27:08 -07:00
ethoc.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
failover.h net: failover: add net device refcount tracker 2021-12-06 16:06:02 -08:00
fib_notifier.h
fib_rules.h fib: remove unnecessary input parameters in fib_default_rule_add 2024-01-03 16:42:48 -08:00
firewire.h firewire: net: Make use of get_unaligned_be48(), put_unaligned_be48() 2022-07-28 22:21:54 -07:00
flow_dissector.h flow_dissector: cleanup FLOW_DISSECTOR_KEY_ENC_FLAGS 2024-07-15 09:14:39 -07:00
flow_offload.h flow_offload: add encapsulation control flag helpers 2024-06-12 17:56:00 -07:00
flow.h inet: shrink struct flowi_common 2023-11-02 09:31:02 +01:00
fou.h bpf,fou: Add bpf_skb_{set,get}_fou_encap kfuncs 2023-04-12 16:40:39 -07:00
fq_impl.h wifi: mac80211: add support for restricting netdev features per vif 2022-12-01 15:09:10 +01:00
fq.h net: fq: Remove unused typedef fq_flow_get_default_t 2023-08-08 15:58:23 -07:00
garp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
gen_stats.h net: sched: Remove Qdisc::running sequence counter 2021-10-18 12:54:41 +01:00
genetlink.h genetlink: hold RCU in genlmsg_mcast() 2024-10-15 17:52:58 -07:00
geneve.h net: geneve: fix array of flexible structures warnings 2022-10-31 10:43:04 +00:00
gre.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
gro_cells.h
gro.h net: gro: fix napi_gro_cb zeroed alignment 2024-05-14 10:49:50 -07:00
gso.h net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
gtp.h gtp: properly parse extension headers 2024-05-07 01:35:55 +02:00
gue.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
handshake.h net/handshake: Add helpers for parsing incoming TLS Alerts 2023-07-28 14:07:59 -07:00
hotdata.h net: move sysctl_mem_pcpu_rsv to net_hotdata 2024-04-30 18:46:52 -07:00
hwbm.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
icmp.h ipv6: ICMPV6: add response to ICMPV6 RFC 8335 PROBE messages 2021-06-28 14:29:45 -07:00
ieee8021q.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
ieee80211_radiotap.h wireless fixes for v6.12-rc5 2024-10-25 10:44:41 +01:00
ieee802154_netdev.h mac802154: Handle association requests from peers 2023-11-20 11:43:03 +01:00
if_inet6.h ipv6: anycast: complete RCU handling of struct ifacaddr6 2024-02-26 18:40:34 -08:00
ife.h
inet6_connection_sock.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
inet6_hashtables.h inet6: constify 'struct net' parameter of various lookup helpers 2024-08-05 16:27:26 -07:00
inet_common.h net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
inet_connection_sock.h Fix race for duplicate reqsk on identical SYN 2024-06-25 11:37:45 +02:00
inet_dscp.h ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules 2022-02-07 20:12:45 -08:00
inet_ecn.h net: add skb_get_dsfield() helper 2021-10-15 11:33:08 +01:00
inet_frag.h net: Rename mono_delivery_time to tstamp_type for scalabilty 2024-05-23 14:14:23 -07:00
inet_hashtables.h inet: constify 'struct net' parameter of various lookup helpers 2024-08-05 16:22:45 -07:00
inet_sock.h inet: constify inet_sk_bound_dev_eq() net parameter 2024-08-05 16:22:45 -07:00
inet_timewait_sock.h tcp: remove volatile qualifier on tw_substate 2024-08-28 17:08:16 -07:00
inetpeer.h
ioam6.h net: ioam6: multicast event 2024-02-28 11:19:41 +00:00
ip6_checksum.h net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
ip6_fib.h ipv6: introduce dst_rt6_info() helper 2024-04-29 13:32:01 +01:00
ip6_route.h ipv6: fix source address selection with route leak 2024-07-14 07:34:16 -07:00
ip6_tunnel.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
ip_fib.h ipv4: Fix user space build failure due to header change 2024-09-04 16:40:33 -07:00
ip_tunnels.h ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() 2024-10-29 11:12:25 -07:00
ip_vs.h ipvs: Correct spelling in comments 2023-04-22 01:39:41 +02:00
ip.h ipv4: Unmask upper DSCP bits in get_rttos() 2024-08-31 17:44:51 +01:00
ipcomp.h xfrm: ipcomp: add extack to ipcomp{4,6}_init_state 2022-09-29 07:18:00 +02:00
ipconfig.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
ipv6_frag.h net: dropreason: add SKB_DROP_REASON_FRAG_REASM_TIMEOUT 2022-10-31 20:14:27 -07:00
ipv6_stubs.h ipv6: udp: constify 'struct net' parameter of socket lookups 2024-08-05 16:27:26 -07:00
ipv6.h ipv6: Correct spelling in ipv6.h 2024-08-26 09:37:22 -07:00
iw_handler.h wifi: cfg80211: wext: Update spelling and grammar 2024-09-03 11:49:27 +02:00
kcm.h kcm: Serialise kcm_sendmsg() for the same socket. 2024-08-19 18:36:12 -07:00
l3mdev.h
lag.h
lapb.h
lib80211.h wifi: lib80211: Handle const struct lib80211_crypto_ops in lib80211 2024-08-27 10:28:49 +02:00
llc_c_ac.h net: llc: Remove unused function declarations 2023-08-04 15:33:17 -07:00
llc_c_ev.h net: llc: Remove unused function declarations 2023-08-04 15:33:17 -07:00
llc_c_st.h llc: Constify struct llc_conn_state_trans 2024-07-15 08:51:01 -07:00
llc_conn.h llc: Check netns in llc_estab_match() and llc_listener_match(). 2023-07-20 10:46:28 +02:00
llc_if.h llc/snap: constify dev_addr passing 2021-10-13 09:40:46 -07:00
llc_pdu.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
llc_s_ac.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
llc_s_ev.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
llc_s_st.h llc: Constify struct llc_sap_state_trans 2024-07-15 08:51:19 -07:00
llc_sap.h
llc.h llc: fix out-of-bound array index in llc_sk_dev_hash() 2021-11-07 19:25:29 +00:00
lwtunnel.h lwt: Check LWTUNNEL_XMIT_CONTINUE strictly 2023-08-18 16:05:26 +02:00
mac80211.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
mac802154.h move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
macsec.h macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads 2024-04-25 08:20:54 -07:00
mctp.h mctp: Handle error of rtnl_register_module(). 2024-10-10 15:39:35 +02:00
mctpdevice.h mctp: Pass flow data & flow release events to drivers 2021-10-29 13:23:51 +01:00
mip6.h
mld.h
mpls_iptunnel.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
mpls.h
mptcp.h mptcp: fallback to TCP after SYN+MPC drops 2024-09-11 15:57:50 -07:00
mrp.h mrp: introduce active flags to prevent UAF when applicant uninit 2022-11-18 12:14:55 +00:00
ncsi.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
ndisc.h ipv6: eliminate ndisc_ops_is_useropt() 2024-08-12 17:23:57 -07:00
neighbour.h sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
net_debug.h net: add CONFIG_DEBUG_NET 2022-05-11 12:43:10 +01:00
net_failover.h
net_namespace.h net: Don't register pernet_operations if only one of id or size is specified. 2024-08-03 22:38:44 +01:00
net_ratelimit.h
net_trackers.h net: add networking namespace refcount tracker 2021-12-10 06:38:26 -08:00
netdev_queues.h net: qstat: extend kdoc about get_base_stats 2024-06-01 15:11:52 -07:00
netdev_rx_queue.h memory-provider: fix compilation issue without SYSFS 2024-09-12 21:00:26 -07:00
netevent.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
netkit.h bpf, netkit: Add indirect call wrapper for fetching peer dev 2023-11-20 10:15:16 -08:00
netlabel.h netlabel: Correct spelling in netlabel.h 2024-08-26 09:37:22 -07:00
netlink.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
netmem.h page_pool: devmem support 2024-09-11 20:44:31 -07:00
netprio_cgroup.h
netrom.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
nexthop.h net: nexthop: Increase weight to u16 2024-08-12 17:50:34 -07:00
nl802154.h ieee802154: Correct spelling in nl802154.h 2024-08-30 22:30:55 +02:00
nsh.h net: NSH: fix kernel-doc notation warning 2023-07-14 20:39:29 -07:00
p8022.h net: 802: Remove unused function declarations 2023-08-04 15:33:50 -07:00
pfcp.h pfcp: always set pfcp metadata 2024-04-01 10:49:28 +01:00
pie.h pie: fix kernel-doc notation warning 2023-07-14 20:39:30 -07:00
ping.h net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294 2023-06-02 09:55:22 +01:00
pkt_cls.h net: sched: Correct spelling in headers 2024-08-26 09:37:23 -07:00
pkt_sched.h net/sched: Add helper macros with module names 2024-02-02 10:57:55 -08:00
pptp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
proto_memory.h net: move sysctl_mem_pcpu_rsv to net_hotdata 2024-04-30 18:46:52 -07:00
protocol.h ipv6: move tcp_ipv6_hash_secret and udp_ipv6_hash_secret to net_hotdata 2024-03-07 21:12:43 -08:00
psample.h net: psample: fix flag being set in wrong skb 2024-07-11 18:11:31 -07:00
psnap.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
raw.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-06 12:01:20 -07:00
rawv6.h ipv6: raw: constify raw_v6_match() socket argument 2023-03-17 08:56:37 +00:00
red.h net: sched: Correct spelling in headers 2024-08-26 09:37:23 -07:00
regulatory.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
request_sock.h tcp: move reqsk_alloc() to inet_connection_sock.c 2024-06-06 15:18:04 +02:00
rose.h net: rose: add netdev ref tracker to 'struct rose_sock' 2022-08-01 11:59:23 -07:00
route.h xfrm: Unmask upper DSCP bits in xfrm_get_tos() 2024-08-31 17:44:51 +01:00
rpl.h ipv6: rpl: Remove pskb(_may)?_pull() in ipv6_rpl_srh_rcv(). 2023-06-19 11:32:58 -07:00
rps.h net: rps: add rps_input_queue_head_add() helper 2024-04-01 11:28:32 +01:00
rsi_91x.h rsi: remove kernel-doc comment marker 2023-07-14 20:39:30 -07:00
rstreason.h tcp: rstreason: introduce SK_RST_REASON_TCP_DISCONNECT_WITH_DATA for active reset 2024-08-07 10:24:46 +01:00
rtnetlink.h rtnetlink: Add bulk registration helpers for rtnetlink message handlers. 2024-10-10 15:39:35 +02:00
rtnh.h
sch_generic.h net/sched: accept TCA_STAB only for root qdisc 2024-10-08 15:38:56 -07:00
scm.h af_unix: Add dead flag to struct scm_fp_list. 2024-05-10 18:52:45 -07:00
secure_seq.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
seg6_hmac.h ipv6: sr: restruct ifdefines 2024-05-30 18:29:38 -07:00
seg6_local.h seg6: Use nested-BH locking for seg6_bpf_srh_states. 2024-06-24 16:41:23 -07:00
seg6.h ipv6: sr: restruct ifdefines 2024-05-30 18:29:38 -07:00
selftests.h
slhc_vj.h
smc.h net/smc: add operations to merge sndbuf with peer DMB 2024-04-30 13:24:48 +02:00
snmp.h
sock_reuseport.h net: core: annotate socks of struct sock_reuseport with __counted_by 2024-08-02 17:16:59 -07:00
sock.h BPF fixes: 2024-10-18 16:27:14 -07:00
Space.h net: appletalk: remove cops support 2023-10-04 11:49:20 -07:00
stp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
strparser.h tls: rx: remove the message decrypted tracking 2022-07-18 11:24:10 +01:00
switchdev.h net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-02-16 09:36:37 +00:00
tc_wrapper.h Merge branch 'x86/bugs' into x86/core, to pick up pending changes before dependent patches 2024-02-14 10:49:37 +01:00
tcp_ao.h net/tcp: Remove tcp_hash_fail() 2024-06-12 06:39:04 +01:00
tcp_states.h tcp: Dump bound-only sockets in inet_diag. 2023-12-04 14:45:26 -08:00
tcp.h tcp: check skb is non-NULL in tcp_rto_delta_us() 2024-09-23 11:43:09 +01:00
tcx.h bpf: Fix too early release of tcx_entry 2024-07-08 14:07:31 -07:00
timewait_sock.h tcp: get rid of twsk_unique() 2024-05-09 20:25:55 -07:00
tipc.h
tls_prot.h net/tls: Add TLS Alert definitions 2023-07-28 14:07:59 -07:00
tls_toe.h
tls.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
transp_v6.h inet6: Remove unused function declaration udpv6_connect() 2023-08-01 15:06:27 -07:00
tso.h net: tso: inline tso_count_descs() 2022-12-12 15:04:39 -08:00
tun_proto.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
udp_tunnel.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
udp.h net: Correct spelling in headers 2024-08-26 09:37:23 -07:00
udplite.h udplite: fix various data-races 2023-09-14 16:16:36 +02:00
vsock_addr.h
vxlan.h vxlan: add support for flowlabel inherit 2023-11-16 22:33:31 +00:00
wext.h
x25.h x25: Correct spelling in x25.h 2024-08-26 09:37:23 -07:00
x25device.h
xdp_priv.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
xdp_sock_drv.h xsk: use generic DMA sync shortcut instead of a custom one 2024-05-08 08:51:20 +02:00
xdp_sock.h net: Optimize xdp_do_flush() with bpf_net_context infos. 2024-07-02 15:26:57 +02:00
xdp.h net, xdp: Correct grammar 2023-12-14 16:38:59 +01:00
xfrm.h xfrm: respect ip protocols rules criteria when performing dst lookups 2024-09-23 07:02:07 +02:00
xsk_buff_pool.h xsk: use generic DMA sync shortcut instead of a custom one 2024-05-08 08:51:20 +02:00