Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.1/patches/2223393/?format=api
{ "id": 2223393, "url": "http://patchwork.ozlabs.org/api/1.1/patches/2223393/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260415082039.4133308-3-kadlec@netfilter.org/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/1.1/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null }, "msgid": "<20260415082039.4133308-3-kadlec@netfilter.org>", "date": "2026-04-15T08:20:39", "name": "[2/2] netfilter: ipset: Fix data race between add and dump in all hash types", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "c70eed005cdd0710840c7f88d4dad352793d5908", "submitter": { "id": 77226, "url": "http://patchwork.ozlabs.org/api/1.1/people/77226/?format=api", "name": "Jozsef Kadlecsik", "email": "kadlec@netfilter.org" }, "delegate": { "id": 11902, "url": "http://patchwork.ozlabs.org/api/1.1/users/11902/?format=api", "username": "strlen", "first_name": "Florian", "last_name": "Westphal", "email": "fw@strlen.de" }, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260415082039.4133308-3-kadlec@netfilter.org/mbox/", "series": [ { "id": 499944, "url": "http://patchwork.ozlabs.org/api/1.1/series/499944/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=499944", "date": "2026-04-15T08:20:37", "name": "[1/2] netfilter: ipset: Fix data race between add and list header in all hash types", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/499944/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2223393/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2223393/checks/", "tags": {}, "headers": { "Return-Path": "\n <netfilter-devel+bounces-11901-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=blackhole.kfki.hu header.i=@blackhole.kfki.hu\n header.a=rsa-sha256 header.s=20151130 header.b=fddcGkcZ;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c09:e001:a7::12fc:5321; helo=sto.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-11901-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=\"fddcGkcZ\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=148.6.0.50", "smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu" ], "Received": [ "from sto.lore.kernel.org (sto.lore.kernel.org\n [IPv6:2600:3c09:e001:a7::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fwYyV6ZxZz1yDF\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 15 Apr 2026 18:21:38 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sto.lore.kernel.org (Postfix) with ESMTP id 03B5B3042387\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 15 Apr 2026 08:21:03 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 4CCFF3D16F7;\n\tWed, 15 Apr 2026 08:20:53 +0000 (UTC)", "from smtp-out.kfki.hu (smtp-out.kfki.hu [148.6.0.50])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id CD3EB3CE490\n\tfor <netfilter-devel@vger.kernel.org>; Wed, 15 Apr 2026 08:20:49 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n\tby smtp1.kfki.hu (Postfix) with ESMTP id 4fwYxP4sCszGFDN4;\n\tWed, 15 Apr 2026 10:20:41 +0200 (CEST)", "from smtp1.kfki.hu ([127.0.0.1])\n by localhost (smtp1.kfki.hu [127.0.0.1]) (amavis, port 10026) with ESMTP\n id cJx6cgtuFf1W; Wed, 15 Apr 2026 10:20:39 +0200 (CEST)", "from blackhole.kfki.hu (blackhole.szhk.kfki.hu [148.6.240.2])\n\tby smtp1.kfki.hu (Postfix) with ESMTP id 4fwYxM5XKxzGFDN3;\n\tWed, 15 Apr 2026 10:20:39 +0200 (CEST)", "by blackhole.kfki.hu (Postfix, from userid 1000)\n\tid B09B434316C; Wed, 15 Apr 2026 10:20:39 +0200 (CEST)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776241252; cv=none;\n b=LOTB+NKB4XV8gT/5PRlnxhQTl8nuMq4JbOmFPK0YqcGm3Y44Cj5rP2WdaIVAgo0YnP5B36fcv2Kr6MNhY1ly7nW0aw/TTqZbdYwvb277JOwNyscPH2zBmjZ2Sbhk0SgnB/V3r8c1lbbttxuNu8X7Cdk8OeiGgJCS0BezGS10ZKY=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776241252; c=relaxed/simple;\n\tbh=7wJz8M5itl9ddWgUW+XiTHkA05ViTfddCZzXlzDMkFc=;\n\th=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:\n\t MIME-Version;\n b=A2Qnze414LWpbX3+ZkcjJXU/50fpq0Jh/epsH7SxrlZyg4ioo6Boxnc3lHMybNcjBAPIorsH1Pv1qNppXInUtY7SkO0VGRMsrmURVSbvl8e+ZkZ1WH2SZDcTb0xSh9TbcqC0ZQDoOvU9Zq6/kNuJae3eyvgshcM9CW5UFuKPqcs=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu;\n dkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=fddcGkcZ;\n arc=none smtp.client-ip=148.6.0.50", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=\n\tblackhole.kfki.hu; h=mime-version:references:in-reply-to\n\t:x-mailer:message-id:date:date:from:from:received:received\n\t:received; s=20151130; t=1776241239; x=1778055640; bh=P40TgG6IZR\n\tYVNAuSkuuChW80ik5S+J42hc9xOA5y6Kg=; b=fddcGkcZf50hWK2dzQ5Zzg1fan\n\tNxiQU7x9sDDKvxBPrQchh7Eca8abL7F6gSydYgSbicRRHG7m9mCuGHLLGc6IDu37\n\thSjl+gklZfEnExhV9FW12O/EEvFqU+ylyqIYJTgOBMcNibs3PtSpC5reX6ZUYaYL\n\tq1JdyQWVuXzIzaybY=", "X-Virus-Scanned": "Debian amavis at smtp1.kfki.hu", "From": "Jozsef Kadlecsik <kadlec@netfilter.org>", "To": "netfilter-devel@vger.kernel.org", "Cc": "Pablo Neira Ayuso <pablo@netfilter.org>,\n\tFlorian Westphal <fw@strlen.de>", "Subject": "[PATCH 2/2] netfilter: ipset: Fix data race between add and dump in\n all hash types", "Date": "Wed, 15 Apr 2026 10:20:39 +0200", "Message-Id": "<20260415082039.4133308-3-kadlec@netfilter.org>", "X-Mailer": "git-send-email 2.39.5", "In-Reply-To": "<20260415082039.4133308-1-kadlec@netfilter.org>", "References": "<20260415082039.4133308-1-kadlec@netfilter.org>", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "quoted-printable" }, "content": "When adding a new entry to the next position in the existing hash bucket,\nthe position index was incremented too early and parallel dump could\nread it before the entry was populated with the value. Move the setting\nof the position index after populating the entry.\n\nReported-by: syzbot+786c889f046e8b003ca6@syzkaller.appspotmail.com\nReported-by: syzbot+1da17e4b41d795df059e@syzkaller.appspotmail.com\nReported-by: syzbot+421c5f3ff8e9493084d9@syzkaller.appspotmail.com\nSigned-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>\n---\n net/netfilter/ipset/ip_set_hash_gen.h | 6 ++++--\n 1 file changed, 4 insertions(+), 2 deletions(-)", "diff": "diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h\nindex b79e5dd2af03..0da02a8dfbae 100644\n--- a/net/netfilter/ipset/ip_set_hash_gen.h\n+++ b/net/netfilter/ipset/ip_set_hash_gen.h\n@@ -844,7 +844,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tconst struct mtype_elem *d = value;\n \tstruct mtype_elem *data;\n \tstruct hbucket *n, *old = ERR_PTR(-ENOENT);\n-\tint i, j = -1, ret;\n+\tint i, j = -1, npos = 0, ret;\n \tbool flag_exist = flags & IPSET_FLAG_EXIST;\n \tbool deleted = false, forceadd = false, reuse = false;\n \tu32 r, key, multi = 0, elements, maxelem;\n@@ -889,6 +889,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t\t\text_size(AHASH_INIT_SIZE, set->dsize);\n \t\tgoto copy_elem;\n \t}\n+\tnpos = n->pos;\n \tfor (i = 0; i < n->pos; i++) {\n \t\tif (!test_bit(i, n->used)) {\n \t\t\t/* Reuse first deleted entry */\n@@ -962,7 +963,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t}\n \n copy_elem:\n-\tj = n->pos++;\n+\tj = npos = n->pos + 1;\n \tdata = ahash_data(n, j, set->dsize);\n copy_data:\n \tt->hregion[r].elements++;\n@@ -985,6 +986,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tif (SET_WITH_TIMEOUT(set))\n \t\tip_set_timeout_set(ext_timeout(data, set), ext->timeout);\n \tsmp_mb__before_atomic();\n+\tn->pos = npos;\n \tset_bit(j, n->used);\n \tif (old != ERR_PTR(-ENOENT)) {\n \t\trcu_assign_pointer(hbucket(t, key), n);\n", "prefixes": [ "2/2" ] }