torvalds/linux
torvalds/linux
2
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-04 20:19:47 +08:00
Code
fcf8239ad6
linux/net
History
Florian Westphal 91a79b7922 netfilter: nf_reject: don't leak dst refcount for loopback packets 
recent patches to add a WARN() when replacing skb dst entry found an
old bug:

WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]
WARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]
WARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234
[..]
Call Trace:
 nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325
 nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27
 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]
 ..

This is because blamed commit forgot about loopback packets.
Such packets already have a dst_entry attached, even at PRE_ROUTING stage.

Instead of checking hook just check if the skb already has a route
attached to it.

Fixes: f53b9b0bdc ("netfilter: introduce support for reject at prerouting stage")
Signed-off-by: Florian Westphal <fw@strlen.de>
Link: https://patch.msgid.link/20250820123707.10671-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-08-21 10:02:00 -07:00
..
6lowpan net: replace ND_PRINTK with dynamic debug 2025-07-10 15:27:32 -07:00
9p
802
8021q net: s/dev_close_many/netif_close_many/ 2025-07-18 17:27:47 -07:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-07-24 11:10:46 -07:00
atm atm: clip: Fix NULL pointer dereference in vcc_sendmsg() 2025-07-09 19:09:36 -07:00
ax25
batman-adv This cleanup patchset includes the following patches: 2025-07-11 17:50:27 -07:00
bluetooth Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() 2025-08-15 10:13:09 -04:00
bpf bpf: Add attach_type field to bpf_link 2025-07-11 10:51:55 -07:00
bridge net: bridge: fix soft lockup in br_multicast_query_expired() 2025-08-14 17:49:33 -07:00
caif
can
ceph
core net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM 2025-08-18 17:20:06 -07:00
dcb
devlink devlink: let driver opt out of automatic phys_port_name generation 2025-08-12 13:23:39 -07:00
dns_resolver
dsa net: s/dev_close_many/netif_close_many/ 2025-07-18 17:27:47 -07:00
ethernet
ethtool ethtool: rss: support removing contexts via Netlink 2025-07-21 18:21:19 -07:00
handshake net/handshake: Add new parameter 'HANDSHAKE_A_ACCEPT_KEYRING' 2025-07-08 15:31:44 +02:00
hsr net, hsr: reject HSR frame if skb can't hold tag 2025-08-20 19:31:25 -07:00
ieee802154
ife
ipv4 netfilter: nf_reject: don't leak dst refcount for loopback packets 2025-08-21 10:02:00 -07:00
ipv6 netfilter: nf_reject: don't leak dst refcount for loopback packets 2025-08-21 10:02:00 -07:00
iucv
kcm net: kcm: Fix race condition in kcm_unattach() 2025-08-13 18:18:33 -07:00
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-07-24 11:10:46 -07:00
l2tp
l3mdev
lapb
llc
mac80211 wifi: mac80211: fix WARN_ON for monitor mode on some devices 2025-07-23 12:29:07 +02:00
mac802154
mctp net: mctp: Fix bad kfree_skb in bind lookup test 2025-08-13 17:07:34 -07:00
mpls net: s/dev_get_flags/netif_get_flags/ 2025-07-18 17:27:47 -07:00
mptcp mptcp: disable add_addr retransmission when timeout is 0 2025-08-18 17:39:58 -07:00
ncsi
netfilter netfilter: nf_tables: reject duplicate device on updates 2025-08-13 08:34:55 +02:00
netlabel
netlink netlink: avoid infinite retry looping in netlink_unicast() 2025-07-30 19:16:49 -07:00
netrom
nfc
nsh
openvswitch
packet net/packet: fix a race in packet_set_ring() and packet_notifier() 2025-08-04 17:21:27 -07:00
phonet Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-07-17 11:00:33 -07:00
psample
qrtr
rds don't open-code kernel_accept() in rds_tcp_accept_one() 2025-07-15 16:19:54 -07:00
rfkill
rose net: track pfmemalloc drops via SKB_DROP_REASON_PFMEMALLOC 2025-07-18 16:59:05 -07:00
rxrpc rxrpc: Fix to use conn aborts for conn-wide failures 2025-07-17 07:50:48 -07:00
sched net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate 2025-08-20 19:27:08 -07:00
sctp sctp: linearize cloned gso packets in sctp_rcv 2025-08-08 13:08:06 -07:00
shaper
smc net/smc: fix UAF on smcsk after smc_listen_out() 2025-08-19 18:27:16 -07:00
strparser
sunrpc nfsd-6.17 fixes: 2025-08-11 07:38:55 -07:00
switchdev
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-07-10 10:10:49 -07:00
tls tls: fix handling of zero-length records on the rx_list 2025-08-21 07:52:30 -07:00
unix Networking changes for 6.17. 2025-07-30 08:58:55 -07:00
vmw_vsock vsock: Do not allow binding to VMADDR_PORT_ANY 2025-08-08 12:55:00 -07:00
wireless Another wireless update: 2025-07-24 17:25:42 -07:00
x25 net/x25: Remove unused x25_terminate_link() 2025-07-14 17:19:13 -07:00
xdp net: xsk: introduce XDP_MAX_TX_SKB_BUDGET setsockopt 2025-07-10 14:48:29 +02:00
xfrm xfrm: bring back device check in validate_xmit_xfrm 2025-08-07 08:07:01 +02:00
compat.c
devres.c
Kconfig net: Kconfig: add endif/endmenu comments 2025-07-22 18:17:23 -07:00
Kconfig.debug
Makefile
socket.c
sysctl_net.c