[lvc-project] [PATCH] netfilter: xt_recent: Fix attempt to update removed entry

[Igor Artemiev <Igor.A.Artemiev@xxxxxxx>]

When both --remove and --update flag are specified, there's a code
path at which the entry to be updated is removed beforehand,
that leads to kernel crash. Update entry, if --remove flag
don't specified.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Igor Artemiev <Igor.A.Artemiev@xxxxxxx>
Fixes: 404bdbfd242c ("[NETFILTER]: recent match: replace by rewritten version")
---
 net/netfilter/xt_recent.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 7ddb9a78e3fc..189a413aa9d8 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -315,7 +315,8 @@ recent_mt(const struct sk_buff *skb, struct xt_action_param *par)
 	}
 
 	if (info->check_set & XT_RECENT_SET ||
-	    (info->check_set & XT_RECENT_UPDATE && ret)) {
+	    (info->check_set & XT_RECENT_UPDATE && ret &&
+	     !(info->check_set & XT_RECENT_REMOVE))) {
 		recent_entry_update(t, e);
 		e->ttl = ttl;
 	}
-- 
2.30.2