diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-06-28 16:24:27 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-07-05 14:42:15 +0200 |
commit | 1689f25924ada8fe14a4a82c38925d04994c7142 (patch) | |
tree | 41cb3c65a36016777f7f148fd8c4fa1eca5601ff /net/netfilter/nft_immediate.c | |
parent | c451410ca7e3d8eeb31d141fc20c200e21754ba4 (diff) | |
download | linux-1689f25924ada8fe14a4a82c38925d04994c7142.tar.gz |
netfilter: nf_tables: report use refcount overflow
Overflow use refcount checks are not complete.
Add helper function to deal with object reference counter tracking.
Report -EMFILE in case UINT_MAX is reached.
nft_use_dec() splats in case that reference counter underflows,
which should not ever happen.
Add nft_use_inc_restore() and nft_use_dec_restore() which are used
to restore reference counter from error and abort paths.
Use u32 in nft_flowtable and nft_object since helper functions cannot
work on bitfields.
Remove the few early incomplete checks now that the helper functions
are in place and used to check for refcount overflow.
Fixes: 96518518cc41 ("netfilter: add nftables")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_immediate.c')
-rw-r--r-- | net/netfilter/nft_immediate.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/net/netfilter/nft_immediate.c b/net/netfilter/nft_immediate.c index 3d76ebfe8939bd..407d7197f75bb3 100644 --- a/net/netfilter/nft_immediate.c +++ b/net/netfilter/nft_immediate.c @@ -159,7 +159,7 @@ static void nft_immediate_deactivate(const struct nft_ctx *ctx, default: nft_chain_del(chain); chain->bound = false; - chain->table->use--; + nft_use_dec(&chain->table->use); break; } break; @@ -198,7 +198,7 @@ static void nft_immediate_destroy(const struct nft_ctx *ctx, * let the transaction records release this chain and its rules. */ if (chain->bound) { - chain->use--; + nft_use_dec(&chain->use); break; } @@ -206,9 +206,9 @@ static void nft_immediate_destroy(const struct nft_ctx *ctx, chain_ctx = *ctx; chain_ctx.chain = chain; - chain->use--; + nft_use_dec(&chain->use); list_for_each_entry_safe(rule, n, &chain->rules, list) { - chain->use--; + nft_use_dec(&chain->use); list_del(&rule->list); nf_tables_rule_destroy(&chain_ctx, rule); } |