Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.2/patches/2235203/?format=api
{ "id": 2235203, "url": "http://patchwork.ozlabs.org/api/1.2/patches/2235203/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260508205903.10238-4-kadlec@netfilter.org/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/1.2/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260508205903.10238-4-kadlec@netfilter.org>", "list_archive_url": null, "date": "2026-05-08T20:58:58", "name": "[v6,3/8] netfilter: ipset: Fix data race between add and dump in all hash types", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "94bd191e1f1768852eceffa789edce2ed4e42c8a", "submitter": { "id": 77226, "url": "http://patchwork.ozlabs.org/api/1.2/people/77226/?format=api", "name": "Jozsef Kadlecsik", "email": "kadlec@netfilter.org" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260508205903.10238-4-kadlec@netfilter.org/mbox/", "series": [ { "id": 503447, "url": "http://patchwork.ozlabs.org/api/1.2/series/503447/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=503447", "date": "2026-05-08T20:58:57", "name": "netfilter: ipset fixes", "version": 6, "mbox": "http://patchwork.ozlabs.org/series/503447/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2235203/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2235203/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <netfilter-devel+bounces-12513-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=blackhole.kfki.hu header.i=@blackhole.kfki.hu\n header.a=rsa-sha256 header.s=20151130 header.b=dKPRXS2Y;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12513-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=\"dKPRXS2Y\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=148.6.0.49", "smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu" ], "Received": [ "from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4gC1pd1BXmz1yK7\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 09 May 2026 07:04:57 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id 1335B3046539\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 8 May 2026 21:04:23 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 1186E3FE368;\n\tFri, 8 May 2026 21:04:22 +0000 (UTC)", "from smtp-out.kfki.hu (smtp-out.kfki.hu [148.6.0.49])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 2FC5635BDC2\n\tfor <netfilter-devel@vger.kernel.org>; Fri, 8 May 2026 21:04:19 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n\tby smtp0.kfki.hu (Postfix) with ESMTP id 4gC1gt4Tmsz3sb9W;\n\tFri, 8 May 2026 22:59:06 +0200 (CEST)", "from smtp0.kfki.hu ([127.0.0.1])\n by localhost (smtp0.kfki.hu [127.0.0.1]) (amavis, port 10026) with ESMTP\n id bI9vfJQtoP5w; Fri, 8 May 2026 22:59:04 +0200 (CEST)", "from mentat.rmki.kfki.hu (254C131D.nat.pool.telekom.hu\n [37.76.19.29])\n\t(Authenticated sender: kadlecsik.jozsef@wigner.hu)\n\tby smtp0.kfki.hu (Postfix) with ESMTPSA id 4gC1gr56Jjz3sb8s;\n\tFri, 8 May 2026 22:59:04 +0200 (CEST)", "by mentat.rmki.kfki.hu (Postfix, from userid 1000)\n\tid EE85C141D64; Fri, 8 May 2026 22:59:03 +0200 (CEST)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1778274261; cv=none;\n b=SIMxgR/gJOjaDJiJhjdxJYYvKxF7S79WR12OnkKEMssD0vN+KJ7Kvp7RNiMa6mIdeDPyIZdSbBuCzGby6aduYNkWFtd1KeeOtQKp6Sji7PBq53RYCSW75IVUm/2/mvam4YO6VDxqSYvQVkWBm0nhR4siCb2hFMilhIk91QkZrto=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1778274261; c=relaxed/simple;\n\tbh=z9vTmh0fSqwJ1ueufXsV7s1eXltCSepqRBLDjqQ/Xfs=;\n\th=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:\n\t MIME-Version;\n b=eBriEWZTiXT5gdgVhp6Jo00RY/FE1bNGvRvTteLxXVAMjjF8Ckcwu34/nlkKUhMLgYVam0V11nLZKblkFtW4Sk0kxQ5pmoTZRb9iaccxj7cyzktiifi/jKDBSICKN3FkO3RVANcGBtP3rBdxWclKDg8plYtMFO/X6pC4cMccuxE=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=netfilter.org;\n spf=pass smtp.mailfrom=blackhole.kfki.hu;\n dkim=pass (1024-bit key) header.d=blackhole.kfki.hu\n header.i=@blackhole.kfki.hu header.b=dKPRXS2Y;\n arc=none smtp.client-ip=148.6.0.49", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=\n\tblackhole.kfki.hu; h=mime-version:references:in-reply-to\n\t:x-mailer:message-id:date:date:from:from:received:received\n\t:received; s=20151130; t=1778273944; x=1780088345; bh=mMbMG0BPl3\n\tzgbThJJz5+q6tMTVZ/+YN5YNiuckTDl5Q=; b=dKPRXS2YOT8Pl31kUDLLBeB5O2\n\tSOKEl2cHowmnXIISQR3Pi3U9F0fPlw1goOdNC7OcsLY1dj0Jji1a1A/Ao7NM997F\n\tXi1DPFK7r2RaLIYJEz3ckFT6RZyLA9hsbrxA93dGV2cP0bpN1eST+eGrq5nPaZN3\n\tbKnIsswi2cOk6uCB8=", "X-Virus-Scanned": "Debian amavis at smtp0.kfki.hu", "From": "Jozsef Kadlecsik <kadlec@netfilter.org>", "To": "netfilter-devel@vger.kernel.org", "Cc": "Pablo Neira Ayuso <pablo@netfilter.org>", "Subject": "[PATCH v6 3/8] netfilter: ipset: Fix data race between add and dump\n in all hash types", "Date": "Fri, 8 May 2026 22:58:58 +0200", "Message-Id": "<20260508205903.10238-4-kadlec@netfilter.org>", "X-Mailer": "git-send-email 2.39.5", "In-Reply-To": "<20260508205903.10238-1-kadlec@netfilter.org>", "References": "<20260508205903.10238-1-kadlec@netfilter.org>", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "X-deepspam": "20ham 10%", "Content-Transfer-Encoding": "quoted-printable" }, "content": "When adding a new entry to the next position in the existing hash bucket,\nthe position index was incremented too early and parallel dump could\nread it before the entry was populated with the value. Move the setting\nof the position index after populating the entry.\n\nv2: Position counting fixed, noticed by Florian Westphal.\n\nReported-by: syzbot+786c889f046e8b003ca6@syzkaller.appspotmail.com\nReported-by: syzbot+1da17e4b41d795df059e@syzkaller.appspotmail.com\nReported-by: syzbot+421c5f3ff8e9493084d9@syzkaller.appspotmail.com\nSigned-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>\n---\n net/netfilter/ipset/ip_set_hash_gen.h | 7 +++++--\n 1 file changed, 5 insertions(+), 2 deletions(-)", "diff": "diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h\nindex b79e5dd2af03..133ce4611eed 100644\n--- a/net/netfilter/ipset/ip_set_hash_gen.h\n+++ b/net/netfilter/ipset/ip_set_hash_gen.h\n@@ -844,7 +844,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tconst struct mtype_elem *d = value;\n \tstruct mtype_elem *data;\n \tstruct hbucket *n, *old = ERR_PTR(-ENOENT);\n-\tint i, j = -1, ret;\n+\tint i, j = -1, npos = 0, ret;\n \tbool flag_exist = flags & IPSET_FLAG_EXIST;\n \tbool deleted = false, forceadd = false, reuse = false;\n \tu32 r, key, multi = 0, elements, maxelem;\n@@ -889,6 +889,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t\t\text_size(AHASH_INIT_SIZE, set->dsize);\n \t\tgoto copy_elem;\n \t}\n+\tnpos = n->pos;\n \tfor (i = 0; i < n->pos; i++) {\n \t\tif (!test_bit(i, n->used)) {\n \t\t\t/* Reuse first deleted entry */\n@@ -962,7 +963,8 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \t}\n \n copy_elem:\n-\tj = n->pos++;\n+\tj = npos;\n+\tnpos = n->pos + 1;\n \tdata = ahash_data(n, j, set->dsize);\n copy_data:\n \tt->hregion[r].elements++;\n@@ -985,6 +987,7 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,\n \tif (SET_WITH_TIMEOUT(set))\n \t\tip_set_timeout_set(ext_timeout(data, set), ext->timeout);\n \tsmp_mb__before_atomic();\n+\tn->pos = npos;\n \tset_bit(j, n->used);\n \tif (old != ERR_PTR(-ENOENT)) {\n \t\trcu_assign_pointer(hbucket(t, key), n);\n", "prefixes": [ "v6", "3/8" ] }