torvalds/linux
3
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-03-22 07:27:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

netfilter: nf_tables: Fix for duplicate device in netdev hooks

Browse Source 
When handling NETDEV_REGISTER notification, duplicate device
registration must be avoided since the device may have been added by
nft_netdev_hook_alloc() already when creating the hook.

Suggested-by: Florian Westphal <fw@strlen.de>
Reported-by: syzbot+bb9127e278fa198e110c@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=bb9127e278fa198e110c
Fixes: a331b78a55 ("netfilter: nf_tables: Respect NETDEV_REGISTER events")
Tested-by: Helen Koike <koike@igalia.com>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
This commit is contained in:
Phil Sutter
2026-03-05 13:01:44 +01:00
committed by Florian Westphal
parent 6f1a9140ec
commit b7cdc5a97d
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
net/netfilter/nf_tables_api.c
View File

@@ -9688,7 +9688,7 @@ static int nft_flowtable_event(unsigned long event, struct net_device *dev,
break;
case NETDEV_REGISTER:
/* NOP if not matching or already registered */
if (!match || (changename && ops))
if (!match || ops)
continue;
ops = kzalloc_obj(struct nf_hook_ops,

2
net/netfilter/nft_chain_filter.c
View File

@@ -344,7 +344,7 @@ static int nft_netdev_event(unsigned long event, struct net_device *dev,
break;
case NETDEV_REGISTER:
/* NOP if not matching or already registered */
if (!match || (changename && ops))
if (!match || ops)
continue;
ops = kmemdup(&basechain->ops,