MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,000,922 Commits 589 Branches 4,509 Tags 4.3 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
Other 0.1%
7b8b503c06
Go to file
Florian Westphal 7b8b503c06 netfilter: nf_reject: don't leak dst refcount for loopback packets 
[ Upstream commit 91a79b792204313153e1bdbbe5acbfc28903b3a5 ]

recent patches to add a WARN() when replacing skb dst entry found an
old bug:

WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]
WARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]
WARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234
[..]
Call Trace:
 nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325
 nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27
 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]
 ..

This is because blamed commit forgot about loopback packets.
Such packets already have a dst_entry attached, even at PRE_ROUTING stage.

Instead of checking hook just check if the skb already has a route
attached to it.

Fixes: f53b9b0bdc ("netfilter: introduce support for reject at prerouting stage")
Signed-off-by: Florian Westphal <fw@strlen.de>
Link: https://patch.msgid.link/20250820123707.10671-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-08-28 16:22:59 +02:00
arch s390/hypfs: Enable limited access during lockdown 2025-08-28 16:22:59 +02:00
block block: don't call rq_qos_ops->done_bio if the bio isn't tracked 2025-08-28 16:22:54 +02:00
certs
crypto crypto: xts - Only add ecb if it is not already there 2025-06-27 11:04:01 +01:00
Documentation asm-generic: Add memory barrier dma_mb() 2025-08-28 16:22:57 +02:00
drivers ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc 2025-08-28 16:22:59 +02:00
fs f2fs: fix to avoid out-of-boundary access in dnode page 2025-08-28 16:22:57 +02:00
include mm/page_alloc: detect allocation forbidden by cpuset and bail out early 2025-08-28 16:22:58 +02:00
init bpf: Clean up sockmap related Kconfigs 2025-06-27 11:04:09 +01:00
io_uring io_uring: fix possible deadlock in io_register_iowq_max_workers() 2024-11-17 14:59:39 +01:00
ipc ipc: fix to protect IPCS lookups using RCU 2025-06-27 11:04:14 +01:00
kernel cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key 2025-08-28 16:22:58 +02:00
lib lib: test_objagg: Set error message in check_expect_hints_stats() 2025-07-17 18:27:47 +02:00
LICENSES
mm mm/page_alloc: detect allocation forbidden by cpuset and bail out early 2025-08-28 16:22:58 +02:00
net netfilter: nf_reject: don't leak dst refcount for loopback packets 2025-08-28 16:22:59 +02:00
samples samples: mei: Fix building on musl libc 2025-08-28 16:22:32 +02:00
scripts kconfig: lxdialog: fix 'space' to (de)select options 2025-08-28 16:22:47 +02:00
security securityfs: don't pin dentries twice, once is enough... 2025-08-28 16:22:40 +02:00
sound ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation 2025-08-28 16:22:59 +02:00
tools selftests: mptcp: pm: check flush doesn't reset limits 2025-08-28 16:22:58 +02:00
usr kbuild: hdrcheck: fix cross build with clang 2025-06-27 11:04:11 +01:00
virt KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() 2024-10-22 15:39:24 +02:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore Remove *.orig pattern from .gitignore 2024-10-17 15:07:59 +02:00
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS platform: Add Surface platform directory 2025-06-27 11:04:19 +01:00
Makefile kbuild: userprogs: use correct linker when mixing clang and GNU ld 2025-08-28 16:22:52 +02:00
README

README

Linux kernel

There are several guides for kernel developers and users. These guides can be rendered in a number of formats, like HTML and PDF. Please read Documentation/admin-guide/README.rst first.

In order to build the documentation, use make htmldocs or make pdfdocs. The formatted documentation can also be read online at:

https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory, several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the requirements for building and running the kernel, and information about the problems which may result by upgrading your kernel.