Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.1/patches/2228641/?format=api
{ "id": 2228641, "url": "http://patchwork.ozlabs.org/api/1.1/patches/2228641/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260427073424.573672-3-kadlec@netfilter.org/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/1.1/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null }, "msgid": "<20260427073424.573672-3-kadlec@netfilter.org>", "date": "2026-04-27T07:34:21", "name": "[2/5] netfilter: ipset: Fix data race between add and dump in all hash types", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "94bd191e1f1768852eceffa789edce2ed4e42c8a", "submitter": { "id": 77226, "url": "http://patchwork.ozlabs.org/api/1.1/people/77226/?format=api", "name": "Jozsef Kadlecsik", "email": "kadlec@netfilter.org" }, "delegate": { "id": 11902, "url": "http://patchwork.ozlabs.org/api/1.1/users/11902/?format=api", "username": "strlen", "first_name": "Florian", "last_name": "Westphal", "email": "fw@strlen.de" }, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260427073424.573672-3-kadlec@netfilter.org/mbox/", "series": [ { "id": 501591, "url": "http://patchwork.ozlabs.org/api/1.1/series/501591/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=501591", "date": "2026-04-27T07:34:21", "name": "netfilter: ipset fixes", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/501591/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2228641/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2228641/checks/", "tags": {}, "headers": { "Return-Path": "\n <netfilter-devel+bounces-12207-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=blackhole.kfki.hu header.i=@blackhole.kfki.hu\n header.a=rsa-sha256 header.s=20151130 header.b=FFCB+Ddm;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12207-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=\"FFCB+Ddm\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=148.6.0.51", "smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu" ], "Received": [ "from tor.lore.kernel.org (tor.lore.kernel.org\n [IPv6:2600:3c04:e001:36c::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g3wM33X3Cz1yJX\n\tfor <incoming@patchwork.ozlabs.org>; Mon, 27 Apr 2026 17:34:55 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id 6AB4E3005654\n\tfor <incoming@patchwork.ozlabs.org>; Mon, 27 Apr 2026 07:34:53 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id DE0AA37EFF4;\n\tMon, 27 Apr 2026 07:34:43 +0000 (UTC)", "from smtp-out.kfki.hu (smtp-out.kfki.hu [148.6.0.51])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B85237C938\n\tfor <netfilter-devel@vger.kernel.org>; Mon, 27 Apr 2026 07:34:35 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n\tby smtp2.kfki.hu (Postfix) with ESMTP id 4g3wLV6TGDz7s85G;\n\tMon, 27 Apr 2026 09:34:26 +0200 (CEST)", "from smtp2.kfki.hu ([127.0.0.1])\n by localhost (smtp2.kfki.hu [127.0.0.1]) (amavis, port 10026) with ESMTP\n id m4HxRpF6lgqb; Mon, 27 Apr 2026 09:34:25 +0200 (CEST)", "from mentat.rmki.kfki.hu (254C0B05.nat.pool.telekom.hu [37.76.11.5])\n\t(Authenticated sender: kadlecsik.jozsef@wigner.hu)\n\tby smtp2.kfki.hu (Postfix) with ESMTPSA id 4g3wLT01B4z7s859;\n\tMon, 27 Apr 2026 09:34:24 +0200 (CEST)", "by mentat.rmki.kfki.hu (Postfix, from userid 1000)\n\tid 863B714127D; Mon, 27 Apr 2026 09:34:24 +0200 (CEST)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1777275282; cv=none;\n b=TrKruwmgxuNVrujNc8GvkCyUzDtj9t2BS7MtQym/O54VFcE7Ieq/sKuAmTfd+XWaJTfhBfEYFOOEw7Tk4eGDa13E4920DgeAI4hRSwRrsWactjM6YVzrKHjIFbfaPs7rq0n7IgrGunrxz+w+q9dODiVP6/0eTv9Gv38pExPWSo8=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1777275282; c=relaxed/simple;\n\tbh=gXE9+zLmExyalSg4nEM4Hx+xtDJRSXB51Emy4IJ+GD0=;\n\th=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:\n\t MIME-Version;\n b=Yd7SPnsq7sh735KZb2sRovMfIcfELrZ64kTax4mYlV8WxPQGyrZCznrkQ6mXyPu951qB5RRhW7LpJ06mGIkbzi3EBh9FdOmdZuWFuujVMW14vPz+XOP7wnNe4SGe0YF/A0jtFUKsoiQI0S3dh7NxnUqeHJzN3sABI0uU/fZpMzE=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu;\n dkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=FFCB+Ddm;\n arc=none smtp.client-ip=148.6.0.51", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=\n\tblackhole.kfki.hu; h=mime-version:references:in-reply-to\n\t:x-mailer:message-id:date:date:from:from:received:received\n\t:received; s=20151130; t=1777275265; x=1779089666; bh=e7ByC2pgz8\n\tRc4pKTN1avTUBg9+OOXEPEsiZWvkL1Ffc=; b=FFCB+DdmY4RAzfJENoLbNhflkn\n\t6cWb1AZFCkIJQTQnJqFxInTgjE+maVvETqYjWzbYjSQ5+jhTix7pfYtn5rVEPB5B\n\tC9ecBTTu07SoOwExzH7+29ugpAtPwFumcBo26GJQWI1j3j9G6IkE0RBPcosgfglJ\n\tHuSRDovOo99q0vZAc=", "X-Virus-Scanned": "Debian amavis at smtp2.kfki.hu", "From": "Jozsef Kadlecsik <kadlec@netfilter.org>", "To": "netfilter-devel@vger.kernel.org", "Cc": "Pablo Neira Ayuso <pablo@netfilter.org>", "Subject": "[PATCH 2/5] netfilter: ipset: Fix data race between add and dump in\n all hash types", "Date": "Mon, 27 Apr 2026 09:34:21 +0200", "Message-Id": "<20260427073424.573672-3-kadlec@netfilter.org>", "X-Mailer": "git-send-email 2.39.5", "In-Reply-To": "<20260427073424.573672-1-kadlec@netfilter.org>", "References": "<20260427073424.573672-1-kadlec@netfilter.org>", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "X-deepspam": "maybeham 9%", "Content-Transfer-Encoding": "quoted-printable" }, "content": "When adding a new entry to the next position in the existing hash bucket,\nthe position index was incremented too early and parallel dump could\nread it before the entry was populated with the value. Move the setting\nof the position index after populating the entry.\n\nv2: Position counting fixed, noticed by Florian Westphal.\n\nReported-by: syzbot+786c889f046e8b003ca6@syzkaller.appspotmail.com\nReported-by: syzbot+1da17e4b41d795df059e@syzkaller.appspotmail.com\nReported-by: syzbot+421c5f3ff8e9493084d9@syzkaller.appspotmail.com\nSigned-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>\n---\n net/netfilter/ipset/ip_set_hash_gen.h | 7 +++++--\n 1 file changed, 5 insertions(+), 2 deletions(-)", "diff": "diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h\nindex 181daa9c2019..f96085b19682 100644\n--- a/net/netfilter/ipset/ip_set_hash_gen.h\n+++ b/net/netfilter/ipset/ip_set_hash_gen.h\n@@ -844,7 +844,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tconst struct mtype_elem *d = value;\n \tstruct mtype_elem *data;\n \tstruct hbucket *n, *old = ERR_PTR(-ENOENT);\n-\tint i, j = -1, ret;\n+\tint i, j = -1, npos = 0, ret;\n \tbool flag_exist = flags & IPSET_FLAG_EXIST;\n \tbool deleted = false, forceadd = false, reuse = false;\n \tu32 r, key, multi = 0, elements, maxelem;\n@@ -889,6 +889,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t\t\text_size(AHASH_INIT_SIZE, set->dsize);\n \t\tgoto copy_elem;\n \t}\n+\tnpos = n->pos;\n \tfor (i = 0; i < n->pos; i++) {\n \t\tif (!test_bit(i, n->used)) {\n \t\t\t/* Reuse first deleted entry */\n@@ -962,7 +963,8 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t}\n \n copy_elem:\n-\tj = n->pos++;\n+\tj = npos;\n+\tnpos = n->pos + 1;\n \tdata = ahash_data(n, j, set->dsize);\n copy_data:\n \tt->hregion[r].elements++;\n@@ -985,6 +987,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tif (SET_WITH_TIMEOUT(set))\n \t\tip_set_timeout_set(ext_timeout(data, set), ext->timeout);\n \tsmp_mb__before_atomic();\n+\tn->pos = npos;\n \tset_bit(j, n->used);\n \tif (old != ERR_PTR(-ENOENT)) {\n \t\trcu_assign_pointer(hbucket(t, key), n);\n", "prefixes": [ "2/5" ] }