netfilter: x_tables: add and use xtables_unregister_table_exit - kernel/linux.git

diff options

author	Florian Westphal <fw@strlen.de>	2026-05-06 13:07:17 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2026-05-08 02:30:16 +0300
commit	b4597d5fd7d2f8cebfffd40dffb5e003cc78964c (patch)
tree	a63f2c2ae8c0119b9f7cfdf7ac87536a5ef60542 /scripts/decode_stacktrace.sh
parent	d338693d778579b676a61346849bebd892427158 (diff)
download	linux-b4597d5fd7d2f8cebfffd40dffb5e003cc78964c.tar.xz

netfilter: x_tables: add and use xtables_unregister_table_exit

Previous change added xtables_unregister_table_pre_exit to detach the table from the packetpath and to unlink it from the active table list. In case of rmmod, userspace that is doing set/getsockopt for this table will not be able to re-instantiate the table: 1. The larval table has been removed already 2. existing instantiated table is no longer on the xt pernet table list. This adds the second stage helper: unlink the table from the dying list, free the hook ops (if any) and do the audit notification. It replaces xt_unregister_table(). Fixes: fdacd57c79b7 ("netfilter: x_tables: never register tables by default") Reported-by: Tristan Madani <tristan@talencesecurity.com> Reviewed-by: Tristan Madani <tristan@talencesecurity.com> Closes: https://lore.kernel.org/netfilter-devel/20260429175613.1459342-1-tristmd@gmail.com/ Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'scripts/decode_stacktrace.sh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: