diff options
| author | Weiming Shi <bestswngs@gmail.com> | 2026-04-27 15:34:50 +0300 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2026-04-30 01:57:42 +0300 |
| commit | 1d47b55b36d2ec73fe6901212c8b28a593c3b27c (patch) | |
| tree | 5df3d0d59698a6c71c546548f74623649b40e18d /include/linux/buffer_head.h | |
| parent | 0a0b35f0bf10b4c2be607465f5c9c12c8681305b (diff) | |
| download | linux-1d47b55b36d2ec73fe6901212c8b28a593c3b27c.tar.xz | |
netfilter: nft_fwd_netdev: use recursion counter in neigh egress path
nft_fwd_neigh can be used in egress chains (NF_NETDEV_EGRESS). When the
forwarding rule targets the same device or two devices forward to each
other, neigh_xmit() triggers dev_queue_xmit() which re-enters
nf_hook_egress(), causing infinite recursion and stack overflow.
Move the nf_get_nf_dup_skb_recursion() accessor and NF_RECURSION_LIMIT
to the shared header nf_dup_netdev.h as a static inline, so that
nft_fwd_netdev can use the recursion counter directly without exported
function call overhead. Guard neigh_xmit() with the same recursion
limit already used in nf_do_netdev_egress().
[ Updated to cache the nf_get_nf_dup_skb_recursion pointer. --pablo ]
Fixes: f87b9464d152 ("netfilter: nft_fwd_netdev: Support egress hook")
Reported-by: Xiang Mei <xmei5@asu.edu>
Signed-off-by: Weiming Shi <bestswngs@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/buffer_head.h')
0 files changed, 0 insertions, 0 deletions