netfilter: cttimeout: decouple unlink and free on netns destruction

Increment the extid on module removal; this makes sure that even in extreme cases any old uncofirmed entry that happened to be kept e.g. on nfnetlink_queue list will not trip over a stale timeout reference. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2022-04-11 14:01:22 +0300
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-05-13 19:52:16 +0300
commit: 42df4fb9b1bed6a6d2c1f79b974a9ed14de27ea1 (patch)
tree: d471d5f4d86276156913e524b14124f9c46a7da8
parent: c56716c69ce1ac320432fb1ea5654196ba24d2f8 (diff)
download: linux-42df4fb9b1bed6a6d2c1f79b974a9ed14de27ea1.tar.xz
1 files changed, 12 insertions, 0 deletions
diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
index f366b8187915..9bc4ebe65faa 100644
--- a/net/netfilter/nfnetlink_cttimeout.c
+++ b/net/netfilter/nfnetlink_cttimeout.c
@@ -656,12 +656,24 @@ err_out:
 	return ret;
 }
 
+static int untimeout(struct nf_conn *ct, void *timeout)
+{
+	struct nf_conn_timeout *timeout_ext = nf_ct_timeout_find(ct);
+
+	if (timeout_ext)
+		RCU_INIT_POINTER(timeout_ext->timeout, NULL);
+
+	return 0;
+}
+
 static void __exit cttimeout_exit(void)
 {
 	nfnetlink_subsys_unregister(&cttimeout_subsys);
 
 	unregister_pernet_subsys(&cttimeout_ops);
 	RCU_INIT_POINTER(nf_ct_timeout_hook, NULL);
+
+	nf_ct_iterate_destroy(untimeout, NULL);
 	synchronize_rcu();
 }
author	Florian Westphal <fw@strlen.de>	2022-04-11 14:01:22 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-05-13 19:52:16 +0300
commit	42df4fb9b1bed6a6d2c1f79b974a9ed14de27ea1 (patch)
tree	d471d5f4d86276156913e524b14124f9c46a7da8
parent	c56716c69ce1ac320432fb1ea5654196ba24d2f8 (diff)
download	linux-42df4fb9b1bed6a6d2c1f79b974a9ed14de27ea1.tar.xz