leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b36e4523d4
linux/net
History
Florian Westphal b36e4523d4 netfilter: nf_conncount: fix garbage collection confirm race 
Yi-Hung Wei and Justin Pettit found a race in the garbage collection scheme
used by nf_conncount.

When doing list walk, we lookup the tuple in the conntrack table.
If the lookup fails we remove this tuple from our list because
the conntrack entry is gone.

This is the common cause, but turns out its not the only one.
The list entry could have been created just before by another cpu, i.e. the
conntrack entry might not yet have been inserted into the global hash.

The avoid this, we introduce a timestamp and the owning cpu.
If the entry appears to be stale, evict only if:
 1. The current cpu is the one that added the entry, or,
 2. The timestamp is older than two jiffies

The second constraint allows GC to be taken over by other
cpu too (e.g. because a cpu was offlined or napi got moved to another
cpu).

We can't pretend the 'doubtful' entry wasn't in our list.
Instead, when we don't find an entry indicate via IS_ERR
that entry was removed ('did not exist' or withheld
('might-be-unconfirmed').

This most likely also fixes a xt_connlimit imbalance earlier reported by
Dmitry Andrianov.

Cc: Dmitry Andrianov <dmitry.andrianov@alertme.com>
Reported-by: Justin Pettit <jpettit@vmware.com>
Reported-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-06-26 18:28:57 +02:00
..
6lowpan
9p treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
802
8021q Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
appletalk Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
atm atm: Preserve value of skb->truesize when accounting to vcc 2018-06-17 08:27:01 +09:00
ax25 Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-26 19:46:15 -04:00
bluetooth treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
bpf bpf: making bpf_prog_test run aware of possible data_end ptr change 2018-04-18 23:34:16 +02:00
bpfilter bpfilter: fix race in pipe access 2018-06-07 20:07:28 -04:00
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
caif net/caif: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
can treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
ceph The main piece is a set of libceph changes that revamps how OSD 2018-06-15 07:24:58 +09:00
core Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 2018-06-17 07:54:24 +09:00
dcb treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
dccp treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
dns_resolver KEYS: DNS: limit the length of option strings 2018-04-17 15:17:41 -04:00
dsa net: dsa: add error handling for pskb_trim_rcsum 2018-06-11 14:19:38 -07:00
ethernet net: core: rework basic flow dissection helper 2018-05-08 00:02:36 -04:00
hsr
ieee802154 treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
ife net: sched: ife: check on metadata length 2018-04-22 21:12:00 -04:00
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
ipv6 netfilter: ipv6: nf_defrag: reduce struct net memory waste 2018-06-18 14:13:25 +02:00
iucv net/iucv: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
kcm Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
key Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
l2tp l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() 2018-06-15 09:12:37 -07:00
l3mdev
lapb
llc Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
mac802154 net/mac802154: disambiguate mac80215 vs mac802154 trace events 2018-03-28 22:55:18 +02:00
mpls net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
ncsi net/ncsi: Avoid GFP_KERNEL in response handler 2018-06-03 10:42:07 -04:00
netfilter netfilter: nf_conncount: fix garbage collection confirm race 2018-06-26 18:28:57 +02:00
netlabel audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
netlink treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
netrom treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
nsh nsh: fix infinite loop 2018-05-04 12:54:38 -04:00
openvswitch treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
packet treewide: Use array_size() in vzalloc() 2018-06-12 16:19:22 -07:00
phonet Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
psample
qrtr Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
rds Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
rfkill rfkill: Create rfkill-none LED trigger 2018-05-23 11:26:45 +02:00
rose treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
rxrpc treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
sched net_sched: blackhole: tell upper qdisc about dropped packets 2018-06-17 08:42:33 +09:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
smc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
strparser strparser: Add __strp_unpause and use it in ktls. 2018-06-06 14:07:53 -04:00
sunrpc - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
switchdev
tipc treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
tls tls: fix waitall behavior in tls_sw_recvmsg 2018-06-15 09:14:30 -07:00
unix Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
vmw_vsock net/vmw_vsock: convert to ->poll_mask 2018-05-26 09:16:44 +02:00
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-06-16 07:39:34 +09:00
x25 Merge branch 'work.aio-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-06-04 13:57:43 -07:00
xdp xsk: re-add queue id check for XDP_SKB path 2018-06-12 12:19:04 +02:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
compat.c net: support compat 64-bit time in {s,g}etsockopt 2018-04-27 19:46:06 -04:00
Kconfig net: Introduce generic failover module 2018-05-28 22:59:54 -04:00
Makefile bpfilter: switch to CC from HOSTCC 2018-06-05 10:21:18 -04:00
socket.c socket: close race condition between sock_close() and sockfs_setattr() 2018-06-10 12:25:53 -07:00
sysctl_net.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00