netfilter: ipset: Add list flush to cancel_gc

keltar · ummakynes · commit c1193d9bbbd3 · 2024-05-20T20:38:42.000+02:00
Flushing list in cancel_gc drops references to other lists right away, without waiting for RCU to destroy list. Fixes race when referenced ipsets can't be destroyed while referring list is scheduled for destroy. Fixes: 97f7cf1 ("netfilter: ipset: fix performance regression in swap operation") Signed-off-by: Alexander Maltsev <keltar.gw@gmail.com> Acked-by: Jozsef Kadlecsik <kadlec@netfilter.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c
@@ -549,6 +549,9 @@ list_set_cancel_gc(struct ip_set *set)
 
 	if (SET_WITH_TIMEOUT(set))
 		timer_shutdown_sync(&map->gc);
+
+	/* Flush list to drop references to other ipsets */
+	list_set_flush(set);
 }
 
 static const struct ip_set_type_variant set_variant = {

Original file line number	Diff line number	Diff line change
`@@ -549,6 +549,9 @@ list_set_cancel_gc(struct ip_set *set)`
`549`	`549`
`550`	`550`	`if (SET_WITH_TIMEOUT(set))`
`551`	`551`	`timer_shutdown_sync(&map->gc);`
	`552`	`+`
	`553`	`+ /* Flush list to drop references to other ipsets */`
	`554`	`+ list_set_flush(set);`
`552`	`555`	`}`
`553`	`556`
`554`	`557`	`static const struct ip_set_type_variant set_variant = {`