Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains fixes for your net tree, they are: 1) Unitialize the set element key and data from the commit path, otherwise this leaks chain refcount if the transaction is aborted, reported by Thomas Graf. 2) Fix crash when updating chains without no counters in nf_tables, this slipped through in the new transaction infrastructure, reported by Matteo Croce. 3) Replace all mutex_lock_interruptible() by mutex_lock() in the Netfilter tree, suggested by Patrick McHardy. This implicitly fixes the problem that Eric Dumazet reported in: http://patchwork.ozlabs.org/patch/373076/ 4) Fix error return code in nf_tables when deleting set element in nf_tables if the transaction cannot be allocated, from Julia Lawall. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2014-08-11 13:26:15 -0400
committer: David S. Miller <davem@davemloft.net> 2014-08-11 13:26:15 -0400
commit: f00439e2e34e97130981c8b68310b8b77b86645a (patch)
tree: abe3e3f66713d6e80f4c4b9fa774117947af556a
parent: 4da5e6a01315fe2a6bc47fe9b076168141c9d9aa (diff)
parent: 609ccf087747de48ef52160f93e0df864c532a61 (diff)
6 files changed, 39 insertions, 86 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 1059ed3bc255..6d69631b9f4d 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -327,10 +327,7 @@ find_inlist_lock_noload(struct list_head *head, const char *name, int *error,
                char name[EBT_FUNCTION_MAXNAMELEN];
        } *e;
-        *error = mutex_lock_interruptible(mutex);
+        mutex_lock(mutex);
-        if (*error != 0)
-                return NULL;
        list_for_each_entry(e, head, list) {
                if (strcmp(e->name, name) == 0)
                        return e;
@@ -1203,10 +1200,7 @@ ebt_register_table(struct net *net, const struct ebt_table *input_table)
        table->private = newinfo;
        rwlock_init(&table->lock);
-        ret = mutex_lock_interruptible(&ebt_mutex);
+        mutex_lock(&ebt_mutex);
-        if (ret != 0)
-                goto free_chainstack;
        list_for_each_entry(t, &net->xt.tables[NFPROTO_BRIDGE], list) {
                if (strcmp(t->name, table->name) == 0) {
                        ret = -EEXIST;
diff --git a/net/netfilter/core.c b/net/netfilter/core.c
index 1fbab0cdd302..a93c97f106d4 100644
--- a/net/netfilter/core.c
+++ b/net/netfilter/core.c
@@ -35,11 +35,7 @@ EXPORT_SYMBOL_GPL(nf_ipv6_ops);
 int nf_register_afinfo(const struct nf_afinfo *afinfo)
 {
-        int err;
+        mutex_lock(&afinfo_mutex);
-        err = mutex_lock_interruptible(&afinfo_mutex);
-        if (err < 0)
-                return err;
        RCU_INIT_POINTER(nf_afinfo[afinfo->family], afinfo);
        mutex_unlock(&afinfo_mutex);
        return 0;
@@ -68,11 +64,8 @@ static DEFINE_MUTEX(nf_hook_mutex);
 int nf_register_hook(struct nf_hook_ops *reg)
 {
        struct nf_hook_ops *elem;
-        int err;
-        err = mutex_lock_interruptible(&nf_hook_mutex);
+        mutex_lock(&nf_hook_mutex);
-        if (err < 0)
-                return err;
        list_for_each_entry(elem, &nf_hooks[reg->pf][reg->hooknum], list) {
                if (reg->priority < elem->priority)
                        break;
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 8416307fdd1d..fd3f444a4f96 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -2271,10 +2271,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
            cmd == IP_VS_SO_SET_STOPDAEMON) {
                struct ip_vs_daemon_user *dm = (struct ip_vs_daemon_user *)arg;
-                if (mutex_lock_interruptible(&ipvs->sync_mutex)) {
+                mutex_lock(&ipvs->sync_mutex);
-                        ret = -ERESTARTSYS;
-                        goto out_dec;
-                }
                if (cmd == IP_VS_SO_SET_STARTDAEMON)
                        ret = start_sync_thread(net, dm->state, dm->mcast_ifn,
                                                dm->syncid);
@@ -2284,11 +2281,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
                goto out_dec;
        }
-        if (mutex_lock_interruptible(&__ip_vs_mutex)) {
+        mutex_lock(&__ip_vs_mutex);
-                ret = -ERESTARTSYS;
-                goto out_dec;
-        }
        if (cmd == IP_VS_SO_SET_FLUSH) {
                /* Flush the virtual service */
                ret = ip_vs_flush(net, false);
@@ -2573,9 +2566,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
                struct ip_vs_daemon_user d[2];
                memset(&d, 0, sizeof(d));
-                if (mutex_lock_interruptible(&ipvs->sync_mutex))
+                mutex_lock(&ipvs->sync_mutex);
-                        return -ERESTARTSYS;
                if (ipvs->sync_state & IP_VS_STATE_MASTER) {
                        d[0].state = IP_VS_STATE_MASTER;
                        strlcpy(d[0].mcast_ifn, ipvs->master_mcast_ifn,
@@ -2594,9 +2585,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
                return ret;
        }
-        if (mutex_lock_interruptible(&__ip_vs_mutex))
+        mutex_lock(&__ip_vs_mutex);
-                return -ERESTARTSYS;
        switch (cmd) {
        case IP_VS_SO_GET_VERSION:
        {
diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c
index f042ae521557..c68c1e58b362 100644
--- a/net/netfilter/nf_sockopt.c
+++ b/net/netfilter/nf_sockopt.c
@@ -26,9 +26,7 @@ int nf_register_sockopt(struct nf_sockopt_ops *reg)
        struct nf_sockopt_ops *ops;
        int ret = 0;
-        if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)
+        mutex_lock(&nf_sockopt_mutex);
-                return -EINTR;
        list_for_each_entry(ops, &nf_sockopts, list) {
                if (ops->pf == reg->pf
                    && (overlap(ops->set_optmin, ops->set_optmax,
@@ -65,9 +63,7 @@ static struct nf_sockopt_ops *nf_sockopt_find(struct sock *sk, u_int8_t pf,
 {
        struct nf_sockopt_ops *ops;
-        if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)
+        mutex_lock(&nf_sockopt_mutex);
-                return ERR_PTR(-EINTR);
        list_for_each_entry(ops, &nf_sockopts, list) {
                if (ops->pf == pf) {
                        if (!try_module_get(ops->owner))
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index b8035c2d6667..deeb95fb7028 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -899,6 +899,9 @@ static struct nft_stats __percpu *nft_stats_alloc(const struct nlattr *attr)
 static void nft_chain_stats_replace(struct nft_base_chain *chain,
                                    struct nft_stats __percpu *newstats)
 {
+        if (newstats == NULL)
+                return;
        if (chain->stats) {
                struct nft_stats __percpu *oldstats =
                                nft_dereference(chain->stats);
@@ -3134,16 +3137,13 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
                goto err2;
        trans = nft_trans_elem_alloc(ctx, NFT_MSG_DELSETELEM, set);
-        if (trans == NULL)
+        if (trans == NULL) {
+                err = -ENOMEM;
                goto err2;
+        }
        nft_trans_elem(trans) = elem;
        list_add_tail(&trans->list, &ctx->net->nft.commit_list);
-        nft_data_uninit(&elem.key, NFT_DATA_VALUE);
-        if (set->flags & NFT_SET_MAP)
-                nft_data_uninit(&elem.data, set->dtype);
        return 0;
 err2:
        nft_data_uninit(&elem.key, desc.type);
@@ -3310,7 +3310,7 @@ static int nf_tables_commit(struct sk_buff *skb)
 {
        struct net *net = sock_net(skb->sk);
        struct nft_trans *trans, *next;
-        struct nft_set *set;
+        struct nft_trans_elem *te;
        /* Bump generation counter, invalidate any dump in progress */
        while (++net->nft.base_seq == 0);
@@ -3396,13 +3396,17 @@ static int nf_tables_commit(struct sk_buff *skb)
                        nft_trans_destroy(trans);
                        break;
                case NFT_MSG_DELSETELEM:
-                        nf_tables_setelem_notify(&trans->ctx,
+                        te = (struct nft_trans_elem *)trans->data;
-                                                 nft_trans_elem_set(trans),
+                        nf_tables_setelem_notify(&trans->ctx, te->set,
-                                                 &nft_trans_elem(trans),
+                                                 &te->elem,
                                                 NFT_MSG_DELSETELEM, 0);
-                        set = nft_trans_elem_set(trans);
+                        te->set->ops->get(te->set, &te->elem);
-                        set->ops->get(set, &nft_trans_elem(trans));
+                        te->set->ops->remove(te->set, &te->elem);
-                        set->ops->remove(set, &nft_trans_elem(trans));
+                        nft_data_uninit(&te->elem.key, NFT_DATA_VALUE);
+                        if (te->elem.flags & NFT_SET_MAP) {
+                                nft_data_uninit(&te->elem.data,
+                                                te->set->dtype);
+                        }
                        nft_trans_destroy(trans);
                        break;
                }
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 47b978bc3100..272ae4d6fdf4 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -71,18 +71,14 @@ static const char *const xt_prefix[NFPROTO_NUMPROTO] = {
 static const unsigned int xt_jumpstack_multiplier = 2;
 /* Registration hooks for targets. */
-int
+int xt_register_target(struct xt_target *target)
-xt_register_target(struct xt_target *target)
 {
        u_int8_t af = target->family;
-        int ret;
-        ret = mutex_lock_interruptible(&xt[af].mutex);
+        mutex_lock(&xt[af].mutex);
-        if (ret != 0)
-                return ret;
        list_add(&target->list, &xt[af].target);
        mutex_unlock(&xt[af].mutex);
-        return ret;
+        return 0;
 }
 EXPORT_SYMBOL(xt_register_target);
@@ -125,20 +121,14 @@ xt_unregister_targets(struct xt_target *target, unsigned int n)
 }
 EXPORT_SYMBOL(xt_unregister_targets);
-int
+int xt_register_match(struct xt_match *match)
-xt_register_match(struct xt_match *match)
 {
        u_int8_t af = match->family;
-        int ret;
-        ret = mutex_lock_interruptible(&xt[af].mutex);
-        if (ret != 0)
-                return ret;
+        mutex_lock(&xt[af].mutex);
        list_add(&match->list, &xt[af].match);
        mutex_unlock(&xt[af].mutex);
+        return 0;
-        return ret;
 }
 EXPORT_SYMBOL(xt_register_match);
@@ -194,9 +184,7 @@ struct xt_match *xt_find_match(u8 af, const char *name, u8 revision)
        struct xt_match *m;
        int err = -ENOENT;
-        if (mutex_lock_interruptible(&xt[af].mutex) != 0)
+        mutex_lock(&xt[af].mutex);
-                return ERR_PTR(-EINTR);
        list_for_each_entry(m, &xt[af].match, list) {
                if (strcmp(m->name, name) == 0) {
                        if (m->revision == revision) {
@@ -239,9 +227,7 @@ struct xt_target *xt_find_target(u8 af, const char *name, u8 revision)
        struct xt_target *t;
        int err = -ENOENT;
-        if (mutex_lock_interruptible(&xt[af].mutex) != 0)
+        mutex_lock(&xt[af].mutex);
-                return ERR_PTR(-EINTR);
        list_for_each_entry(t, &xt[af].target, list) {
                if (strcmp(t->name, name) == 0) {
                        if (t->revision == revision) {
@@ -323,10 +309,7 @@ int xt_find_revision(u8 af, const char *name, u8 revision, int target,
 {
        int have_rev, best = -1;
-        if (mutex_lock_interruptible(&xt[af].mutex) != 0) {
+        mutex_lock(&xt[af].mutex);
-                *err = -EINTR;
-                return 1;
-        }
        if (target == 1)
                have_rev = target_revfn(af, name, revision, &best);
        else
@@ -732,9 +715,7 @@ struct xt_table *xt_find_table_lock(struct net *net, u_int8_t af,
 {
        struct xt_table *t;
-        if (mutex_lock_interruptible(&xt[af].mutex) != 0)
+        mutex_lock(&xt[af].mutex);
-                return ERR_PTR(-EINTR);
        list_for_each_entry(t, &net->xt.tables[af], list)
                if (strcmp(t->name, name) == 0 && try_module_get(t->me))
                        return t;
@@ -883,10 +864,7 @@ struct xt_table *xt_register_table(struct net *net,
                goto out;
        }
-        ret = mutex_lock_interruptible(&xt[table->af].mutex);
+        mutex_lock(&xt[table->af].mutex);
-        if (ret != 0)
-                goto out_free;
        /* Don't autoload: we'd eat our tail... */
        list_for_each_entry(t, &net->xt.tables[table->af], list) {
                if (strcmp(t->name, table->name) == 0) {
@@ -911,9 +889,8 @@ struct xt_table *xt_register_table(struct net *net,
        mutex_unlock(&xt[table->af].mutex);
        return table;
- unlock:
+unlock:
        mutex_unlock(&xt[table->af].mutex);
-out_free:
        kfree(table);
 out:
        return ERR_PTR(ret);
author	David S. Miller <davem@davemloft.net>	2014-08-11 13:26:15 -0400
committer	David S. Miller <davem@davemloft.net>	2014-08-11 13:26:15 -0400
commit	f00439e2e34e97130981c8b68310b8b77b86645a (patch)
tree	abe3e3f66713d6e80f4c4b9fa774117947af556a
parent	4da5e6a01315fe2a6bc47fe9b076168141c9d9aa (diff)
parent	609ccf087747de48ef52160f93e0df864c532a61 (diff)

diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 1059ed3bc255..6d69631b9f4d 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c
@@ -327,10 +327,7 @@ find_inlist_lock_noload(struct list_head head, const char name, int *error,
327	char name[EBT_FUNCTION_MAXNAMELEN];	327	char name[EBT_FUNCTION_MAXNAMELEN];
328	} *e;	328	} *e;
329		329
330	*error = mutex_lock_interruptible(mutex);	330	mutex_lock(mutex);
331	if (*error != 0)
332	return NULL;
333
334	list_for_each_entry(e, head, list) {	331	list_for_each_entry(e, head, list) {
335	if (strcmp(e->name, name) == 0)	332	if (strcmp(e->name, name) == 0)
336	return e;	333	return e;
@@ -1203,10 +1200,7 @@ ebt_register_table(struct net net, const struct ebt_table input_table)
1203		1200
1204	table->private = newinfo;	1201	table->private = newinfo;
1205	rwlock_init(&table->lock);	1202	rwlock_init(&table->lock);
1206	ret = mutex_lock_interruptible(&ebt_mutex);	1203	mutex_lock(&ebt_mutex);
1207	if (ret != 0)
1208	goto free_chainstack;
1209
1210	list_for_each_entry(t, &net->xt.tables[NFPROTO_BRIDGE], list) {	1204	list_for_each_entry(t, &net->xt.tables[NFPROTO_BRIDGE], list) {
1211	if (strcmp(t->name, table->name) == 0) {	1205	if (strcmp(t->name, table->name) == 0) {
1212	ret = -EEXIST;	1206	ret = -EEXIST;


diff --git a/net/netfilter/core.c b/net/netfilter/core.c index 1fbab0cdd302..a93c97f106d4 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c
@@ -35,11 +35,7 @@ EXPORT_SYMBOL_GPL(nf_ipv6_ops);
35		35
36	int nf_register_afinfo(const struct nf_afinfo *afinfo)	36	int nf_register_afinfo(const struct nf_afinfo *afinfo)
37	{	37	{
38	int err;	38	mutex_lock(&afinfo_mutex);
39
40	err = mutex_lock_interruptible(&afinfo_mutex);
41	if (err < 0)
42	return err;
43	RCU_INIT_POINTER(nf_afinfo[afinfo->family], afinfo);	39	RCU_INIT_POINTER(nf_afinfo[afinfo->family], afinfo);
44	mutex_unlock(&afinfo_mutex);	40	mutex_unlock(&afinfo_mutex);
45	return 0;	41	return 0;
@@ -68,11 +64,8 @@ static DEFINE_MUTEX(nf_hook_mutex);
68	int nf_register_hook(struct nf_hook_ops *reg)	64	int nf_register_hook(struct nf_hook_ops *reg)
69	{	65	{
70	struct nf_hook_ops *elem;	66	struct nf_hook_ops *elem;
71	int err;
72		67
73	err = mutex_lock_interruptible(&nf_hook_mutex);	68	mutex_lock(&nf_hook_mutex);
74	if (err < 0)
75	return err;
76	list_for_each_entry(elem, &nf_hooks[reg->pf][reg->hooknum], list) {	69	list_for_each_entry(elem, &nf_hooks[reg->pf][reg->hooknum], list) {
77	if (reg->priority < elem->priority)	70	if (reg->priority < elem->priority)
78	break;	71	break;


diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 8416307fdd1d..fd3f444a4f96 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -2271,10 +2271,7 @@ do_ip_vs_set_ctl(struct sock sk, int cmd, void __user user, unsigned int len)
2271	cmd == IP_VS_SO_SET_STOPDAEMON) {	2271	cmd == IP_VS_SO_SET_STOPDAEMON) {
2272	struct ip_vs_daemon_user dm = (struct ip_vs_daemon_user )arg;	2272	struct ip_vs_daemon_user dm = (struct ip_vs_daemon_user )arg;
2273		2273
2274	if (mutex_lock_interruptible(&ipvs->sync_mutex)) {	2274	mutex_lock(&ipvs->sync_mutex);
2275	ret = -ERESTARTSYS;
2276	goto out_dec;
2277	}
2278	if (cmd == IP_VS_SO_SET_STARTDAEMON)	2275	if (cmd == IP_VS_SO_SET_STARTDAEMON)
2279	ret = start_sync_thread(net, dm->state, dm->mcast_ifn,	2276	ret = start_sync_thread(net, dm->state, dm->mcast_ifn,
2280	dm->syncid);	2277	dm->syncid);
@@ -2284,11 +2281,7 @@ do_ip_vs_set_ctl(struct sock sk, int cmd, void __user user, unsigned int len)
2284	goto out_dec;	2281	goto out_dec;
2285	}	2282	}
2286		2283
2287	if (mutex_lock_interruptible(&__ip_vs_mutex)) {	2284	mutex_lock(&__ip_vs_mutex);
2288	ret = -ERESTARTSYS;
2289	goto out_dec;
2290	}
2291
2292	if (cmd == IP_VS_SO_SET_FLUSH) {	2285	if (cmd == IP_VS_SO_SET_FLUSH) {
2293	/* Flush the virtual service */	2286	/* Flush the virtual service */
2294	ret = ip_vs_flush(net, false);	2287	ret = ip_vs_flush(net, false);
@@ -2573,9 +2566,7 @@ do_ip_vs_get_ctl(struct sock sk, int cmd, void __user user, int *len)
2573	struct ip_vs_daemon_user d[2];	2566	struct ip_vs_daemon_user d[2];
2574		2567
2575	memset(&d, 0, sizeof(d));	2568	memset(&d, 0, sizeof(d));
2576	if (mutex_lock_interruptible(&ipvs->sync_mutex))	2569	mutex_lock(&ipvs->sync_mutex);
2577	return -ERESTARTSYS;
2578
2579	if (ipvs->sync_state & IP_VS_STATE_MASTER) {	2570	if (ipvs->sync_state & IP_VS_STATE_MASTER) {
2580	d[0].state = IP_VS_STATE_MASTER;	2571	d[0].state = IP_VS_STATE_MASTER;
2581	strlcpy(d[0].mcast_ifn, ipvs->master_mcast_ifn,	2572	strlcpy(d[0].mcast_ifn, ipvs->master_mcast_ifn,
@@ -2594,9 +2585,7 @@ do_ip_vs_get_ctl(struct sock sk, int cmd, void __user user, int *len)
2594	return ret;	2585	return ret;
2595	}	2586	}
2596		2587
2597	if (mutex_lock_interruptible(&__ip_vs_mutex))	2588	mutex_lock(&__ip_vs_mutex);
2598	return -ERESTARTSYS;
2599
2600	switch (cmd) {	2589	switch (cmd) {
2601	case IP_VS_SO_GET_VERSION:	2590	case IP_VS_SO_GET_VERSION:
2602	{	2591	{


diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c index f042ae521557..c68c1e58b362 100644 --- a/net/netfilter/nf_sockopt.c +++ b/net/netfilter/nf_sockopt.c
@@ -26,9 +26,7 @@ int nf_register_sockopt(struct nf_sockopt_ops *reg)
26	struct nf_sockopt_ops *ops;	26	struct nf_sockopt_ops *ops;
27	int ret = 0;	27	int ret = 0;
28		28
29	if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)	29	mutex_lock(&nf_sockopt_mutex);
30	return -EINTR;
31
32	list_for_each_entry(ops, &nf_sockopts, list) {	30	list_for_each_entry(ops, &nf_sockopts, list) {
33	if (ops->pf == reg->pf	31	if (ops->pf == reg->pf
34	&& (overlap(ops->set_optmin, ops->set_optmax,	32	&& (overlap(ops->set_optmin, ops->set_optmax,
@@ -65,9 +63,7 @@ static struct nf_sockopt_ops nf_sockopt_find(struct sock sk, u_int8_t pf,
65	{	63	{
66	struct nf_sockopt_ops *ops;	64	struct nf_sockopt_ops *ops;
67		65
68	if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)	66	mutex_lock(&nf_sockopt_mutex);
69	return ERR_PTR(-EINTR);
70
71	list_for_each_entry(ops, &nf_sockopts, list) {	67	list_for_each_entry(ops, &nf_sockopts, list) {
72	if (ops->pf == pf) {	68	if (ops->pf == pf) {
73	if (!try_module_get(ops->owner))	69	if (!try_module_get(ops->owner))


diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index b8035c2d6667..deeb95fb7028 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c
@@ -899,6 +899,9 @@ static struct nft_stats __percpu nft_stats_alloc(const struct nlattr attr)
899	static void nft_chain_stats_replace(struct nft_base_chain *chain,	899	static void nft_chain_stats_replace(struct nft_base_chain *chain,
900	struct nft_stats __percpu *newstats)	900	struct nft_stats __percpu *newstats)
901	{	901	{
		902	if (newstats == NULL)
		903	return;
		904
902	if (chain->stats) {	905	if (chain->stats) {
903	struct nft_stats __percpu *oldstats =	906	struct nft_stats __percpu *oldstats =
904	nft_dereference(chain->stats);	907	nft_dereference(chain->stats);
@@ -3134,16 +3137,13 @@ static int nft_del_setelem(struct nft_ctx ctx, struct nft_set set,
3134	goto err2;	3137	goto err2;
3135		3138
3136	trans = nft_trans_elem_alloc(ctx, NFT_MSG_DELSETELEM, set);	3139	trans = nft_trans_elem_alloc(ctx, NFT_MSG_DELSETELEM, set);
3137	if (trans == NULL)	3140	if (trans == NULL) {
		3141	err = -ENOMEM;
3138	goto err2;	3142	goto err2;
		3143	}
3139		3144
3140	nft_trans_elem(trans) = elem;	3145	nft_trans_elem(trans) = elem;
3141	list_add_tail(&trans->list, &ctx->net->nft.commit_list);	3146	list_add_tail(&trans->list, &ctx->net->nft.commit_list);
3142
3143	nft_data_uninit(&elem.key, NFT_DATA_VALUE);
3144	if (set->flags & NFT_SET_MAP)
3145	nft_data_uninit(&elem.data, set->dtype);
3146
3147	return 0;	3147	return 0;
3148	err2:	3148	err2:
3149	nft_data_uninit(&elem.key, desc.type);	3149	nft_data_uninit(&elem.key, desc.type);
@@ -3310,7 +3310,7 @@ static int nf_tables_commit(struct sk_buff *skb)
3310	{	3310	{
3311	struct net *net = sock_net(skb->sk);	3311	struct net *net = sock_net(skb->sk);
3312	struct nft_trans trans, next;	3312	struct nft_trans trans, next;
3313	struct nft_set *set;	3313	struct nft_trans_elem *te;
3314		3314
3315	/* Bump generation counter, invalidate any dump in progress */	3315	/* Bump generation counter, invalidate any dump in progress */
3316	while (++net->nft.base_seq == 0);	3316	while (++net->nft.base_seq == 0);
@@ -3396,13 +3396,17 @@ static int nf_tables_commit(struct sk_buff *skb)
3396	nft_trans_destroy(trans);	3396	nft_trans_destroy(trans);
3397	break;	3397	break;
3398	case NFT_MSG_DELSETELEM:	3398	case NFT_MSG_DELSETELEM:
3399	nf_tables_setelem_notify(&trans->ctx,	3399	te = (struct nft_trans_elem *)trans->data;
3400	nft_trans_elem_set(trans),	3400	nf_tables_setelem_notify(&trans->ctx, te->set,
3401	&nft_trans_elem(trans),	3401	&te->elem,
3402	NFT_MSG_DELSETELEM, 0);	3402	NFT_MSG_DELSETELEM, 0);
3403	set = nft_trans_elem_set(trans);	3403	te->set->ops->get(te->set, &te->elem);
3404	set->ops->get(set, &nft_trans_elem(trans));	3404	te->set->ops->remove(te->set, &te->elem);
3405	set->ops->remove(set, &nft_trans_elem(trans));	3405	nft_data_uninit(&te->elem.key, NFT_DATA_VALUE);
		3406	if (te->elem.flags & NFT_SET_MAP) {
		3407	nft_data_uninit(&te->elem.data,
		3408	te->set->dtype);
		3409	}
3406	nft_trans_destroy(trans);	3410	nft_trans_destroy(trans);
3407	break;	3411	break;
3408	}	3412	}


diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 47b978bc3100..272ae4d6fdf4 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c
@@ -71,18 +71,14 @@ static const char *const xt_prefix[NFPROTO_NUMPROTO] = {
71	static const unsigned int xt_jumpstack_multiplier = 2;	71	static const unsigned int xt_jumpstack_multiplier = 2;
72		72
73	/* Registration hooks for targets. */	73	/* Registration hooks for targets. */
74	int	74	int xt_register_target(struct xt_target *target)
75	xt_register_target(struct xt_target *target)
76	{	75	{
77	u_int8_t af = target->family;	76	u_int8_t af = target->family;
78	int ret;
79		77
80	ret = mutex_lock_interruptible(&xt[af].mutex);	78	mutex_lock(&xt[af].mutex);
81	if (ret != 0)
82	return ret;
83	list_add(&target->list, &xt[af].target);	79	list_add(&target->list, &xt[af].target);
84	mutex_unlock(&xt[af].mutex);	80	mutex_unlock(&xt[af].mutex);
85	return ret;	81	return 0;
86	}	82	}
87	EXPORT_SYMBOL(xt_register_target);	83	EXPORT_SYMBOL(xt_register_target);
88		84
@@ -125,20 +121,14 @@ xt_unregister_targets(struct xt_target *target, unsigned int n)
125	}	121	}
126	EXPORT_SYMBOL(xt_unregister_targets);	122	EXPORT_SYMBOL(xt_unregister_targets);
127		123
128	int	124	int xt_register_match(struct xt_match *match)
129	xt_register_match(struct xt_match *match)
130	{	125	{
131	u_int8_t af = match->family;	126	u_int8_t af = match->family;
132	int ret;
133
134	ret = mutex_lock_interruptible(&xt[af].mutex);
135	if (ret != 0)
136	return ret;
137		127
		128	mutex_lock(&xt[af].mutex);
138	list_add(&match->list, &xt[af].match);	129	list_add(&match->list, &xt[af].match);
139	mutex_unlock(&xt[af].mutex);	130	mutex_unlock(&xt[af].mutex);
140		131	return 0;
141	return ret;
142	}	132	}
143	EXPORT_SYMBOL(xt_register_match);	133	EXPORT_SYMBOL(xt_register_match);
144		134
@@ -194,9 +184,7 @@ struct xt_match xt_find_match(u8 af, const char name, u8 revision)
194	struct xt_match *m;	184	struct xt_match *m;
195	int err = -ENOENT;	185	int err = -ENOENT;
196		186
197	if (mutex_lock_interruptible(&xt[af].mutex) != 0)	187	mutex_lock(&xt[af].mutex);
198	return ERR_PTR(-EINTR);
199
200	list_for_each_entry(m, &xt[af].match, list) {	188	list_for_each_entry(m, &xt[af].match, list) {
201	if (strcmp(m->name, name) == 0) {	189	if (strcmp(m->name, name) == 0) {
202	if (m->revision == revision) {	190	if (m->revision == revision) {
@@ -239,9 +227,7 @@ struct xt_target xt_find_target(u8 af, const char name, u8 revision)
239	struct xt_target *t;	227	struct xt_target *t;
240	int err = -ENOENT;	228	int err = -ENOENT;
241		229
242	if (mutex_lock_interruptible(&xt[af].mutex) != 0)	230	mutex_lock(&xt[af].mutex);
243	return ERR_PTR(-EINTR);
244
245	list_for_each_entry(t, &xt[af].target, list) {	231	list_for_each_entry(t, &xt[af].target, list) {
246	if (strcmp(t->name, name) == 0) {	232	if (strcmp(t->name, name) == 0) {
247	if (t->revision == revision) {	233	if (t->revision == revision) {
@@ -323,10 +309,7 @@ int xt_find_revision(u8 af, const char *name, u8 revision, int target,
323	{	309	{
324	int have_rev, best = -1;	310	int have_rev, best = -1;
325		311
326	if (mutex_lock_interruptible(&xt[af].mutex) != 0) {	312	mutex_lock(&xt[af].mutex);
327	*err = -EINTR;
328	return 1;
329	}
330	if (target == 1)	313	if (target == 1)
331	have_rev = target_revfn(af, name, revision, &best);	314	have_rev = target_revfn(af, name, revision, &best);
332	else	315	else
@@ -732,9 +715,7 @@ struct xt_table xt_find_table_lock(struct net net, u_int8_t af,
732	{	715	{
733	struct xt_table *t;	716	struct xt_table *t;
734		717
735	if (mutex_lock_interruptible(&xt[af].mutex) != 0)	718	mutex_lock(&xt[af].mutex);
736	return ERR_PTR(-EINTR);
737
738	list_for_each_entry(t, &net->xt.tables[af], list)	719	list_for_each_entry(t, &net->xt.tables[af], list)
739	if (strcmp(t->name, name) == 0 && try_module_get(t->me))	720	if (strcmp(t->name, name) == 0 && try_module_get(t->me))
740	return t;	721	return t;
@@ -883,10 +864,7 @@ struct xt_table xt_register_table(struct net net,
883	goto out;	864	goto out;
884	}	865	}
885		866
886	ret = mutex_lock_interruptible(&xt[table->af].mutex);	867	mutex_lock(&xt[table->af].mutex);
887	if (ret != 0)
888	goto out_free;
889
890	/* Don't autoload: we'd eat our tail... */	868	/* Don't autoload: we'd eat our tail... */
891	list_for_each_entry(t, &net->xt.tables[table->af], list) {	869	list_for_each_entry(t, &net->xt.tables[table->af], list) {
892	if (strcmp(t->name, table->name) == 0) {	870	if (strcmp(t->name, table->name) == 0) {
@@ -911,9 +889,8 @@ struct xt_table xt_register_table(struct net net,
911	mutex_unlock(&xt[table->af].mutex);	889	mutex_unlock(&xt[table->af].mutex);
912	return table;	890	return table;
913		891
914	unlock:	892	unlock:
915	mutex_unlock(&xt[table->af].mutex);	893	mutex_unlock(&xt[table->af].mutex);
916	out_free:
917	kfree(table);	894	kfree(table);
918	out:	895	out:
919	return ERR_PTR(ret);	896	return ERR_PTR(ret);