openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Revert "netfilter: nft_ct: fix use after free when attaching zone template" 

This reverts commit 2e25c46c6e.

It breaks the abi and is not really needed for Android systems, so
revert it for now.

Bug: 161946584
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I20e6d9e81124122c75289424b8411d85c9047c71
This commit is contained in:
Greg Kroah-Hartman 2022-05-17 20:11:36 +02:00
parent de109008b3
commit 6910f0f08b
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
net/netfilter/nft_ct.c
View File

@ -260,12 +260,9 @@ static void nft_ct_set_zone_eval(const struct nft_expr *expr,
ct = this_cpu_read(nft_ct_pcpu_template);
if (likely(refcount_read(&ct->ct_general.use) == 1)) {
refcount_inc(&ct->ct_general.use);
nf_ct_zone_add(ct, &zone);
} else {
/* previous skb got queued to userspace, allocate temporary
* one until percpu template can be reused.
*/
/* previous skb got queued to userspace */
ct = nf_ct_tmpl_alloc(nft_net(pkt), &zone, GFP_ATOMIC);
if (!ct) {
regs->verdict.code = NF_DROP;